f7fa1656801b1add54e41e754ae0b04c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7fa1656801b1add54e41e754ae0b04c_JaffaCakes118
Size

457KB
MD5

f7fa1656801b1add54e41e754ae0b04c
SHA1

f851a0259fca0c96c1d769c22e4273fe1b446ab9
SHA256

b28073186188f0466a33ebf2eb3250845f4df8133ac526963a34496be7a21ab3
SHA512

be72f9bb38e67382d05e10bc8328f3a06d2b95bea899db74da2466b5073e393ddb314977a5719bd719ec47594925bacff1e130f12f4a2100f78aa61a9352eb42
SSDEEP

12288:/Y2pk8chi+A5YrJ7yS+9zKiLAY6DdKBdo:w2aPhjAaJ729zHLRig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7fa1656801b1add54e41e754ae0b04c_JaffaCakes118

Files

f7fa1656801b1add54e41e754ae0b04c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

048b02a374639579ff9b71e6d61bd2b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetWindowOrgEx
GetTextColor
GetRgnBox
AddFontResourceW

shell32

SHFileOperationW
SHGetDiskFreeSpaceA
SHGetDataFromIDListW
ShellExecuteW

kernel32

FindResourceW
GetTimeZoneInformation
GetFileType
GetCurrentThreadId
LoadLibraryA
HeapAlloc
FreeEnvironmentStringsW
GetPrivateProfileSectionNamesA
IsDebuggerPresent
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameW
VirtualQuery
TlsSetValue
HeapReAlloc
GetStartupInfoA
DeleteCriticalSection
SetHandleCount
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoW
VirtualFree
GetEnvironmentStrings
HeapFree
LCMapStringA
EnterCriticalSection
GetStringTypeW
ExitProcess
GetSystemTimeAsFileTime
GetCPInfo
GetLocaleInfoA
ReleaseMutex
GetTickCount
GetCommandLineW
GetProcessHeap
Sleep
HeapDestroy
RtlUnwind
GetUserDefaultLCID
FreeEnvironmentStringsA
VirtualAlloc
GetCurrentProcessId
TerminateProcess
GetTimeFormatA
GetStringTypeA
InitializeCriticalSection
CompareStringA
CompareStringW
GetProcAddress
TlsFree
GetModuleFileNameA
GetDateFormatA
WriteFile
LCMapStringW
GetModuleHandleA
IsValidLocale
SetLastError
HeapSize
GetCommandLineA
TlsGetValue
GetACP
SetConsoleCtrlHandler
TlsAlloc
GetLastError
FreeLibrary
LeaveCriticalSection
HeapCreate
GetVersionExA
GetConsoleTitleW
IsValidCodePage
InterlockedExchange
GetOEMCP
GetCurrentProcess
GetCurrentThread
QueryPerformanceCounter
InterlockedDecrement
EnumSystemLocalesA
GetLocaleInfoW
SetConsoleCP
SetEnvironmentVariableA
InterlockedIncrement
UnhandledExceptionFilter

comdlg32

ReplaceTextW
PageSetupDlgW

user32

SetThreadDesktop
SendIMEMessageExW
BlockInput
wsprintfA
SetCapture

wininet

GetUrlCacheConfigInfoW
InternetGetCertByURL

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

048b02a374639579ff9b71e6d61bd2b9

Headers

File Characteristics

Imports

gdi32

shell32

kernel32

comdlg32

user32

wininet

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 8KB - Virtual size: 15KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 8KB - Virtual size: 15KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 14KB - Virtual size: 13KB