fb62bd66bb0a299fe89aa1d47a7b5224_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb62bd66bb0a299fe89aa1d47a7b5224_JaffaCakes118
Size

417KB
MD5

fb62bd66bb0a299fe89aa1d47a7b5224
SHA1

72878bafb97c81f77f7ebf16833fe30bee099edd
SHA256

813f094527a3a81b72f54172d52771fe4db138b7608decd789c4fbffe2c08aeb
SHA512

6a898cb236bdae87cef63f0e225e3a6f2c69376b9adfbba479bf8155958ea73255ec847b0dd49517db3a115aae94d69eef81d14d10c1c5976edb8e6269ab22cf
SSDEEP

6144:95d4Q1SwabkD4V0ttNnx2inquoRpSdV5T3NmKefVBscXXpBt5+V8Kjl3FP:x91SwaIIYo7C3NFe9Bs4tIyepF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb62bd66bb0a299fe89aa1d47a7b5224_JaffaCakes118

Files

fb62bd66bb0a299fe89aa1d47a7b5224_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dda948659b69642fa61289975682a2eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
SetMenuContextHelpId
GetCaretPos
GetClassWord
WINNLSGetEnableStatus
CharLowerBuffA
GetWindowTextW
GetWindowInfo
DrawFrameControl
EndMenu
LookupIconIdFromDirectory

wininet

InternetSetCookieA
HttpQueryInfoW
SetUrlCacheEntryInfoW
InternetGetCookieA
InternetAlgIdToStringA

gdi32

UnrealizeObject
FillPath
GdiSetBatchLimit
CreateEllipticRgnIndirect
Polygon
CreateDIBitmap
PlayMetaFile
GetMetaFileA
SetTextJustification
SetViewportExtEx
GetMetaFileBitsEx
SetArcDirection
GetTextFaceW
GetICMProfileW
SaveDC
GetSystemPaletteEntries
CloseEnhMetaFile

shell32

ShellExecuteEx
SHGetDataFromIDListA
SHGetSpecialFolderLocation
ExtractIconExW
CommandLineToArgvW
SHGetPathFromIDList
ExtractIconExA
SHLoadInProc
SHGetNewLinkInfo
SHGetPathFromIDListW
SHBrowseForFolder
SHFileOperationA
ExtractIconW
SHGetSpecialFolderPathW
DragQueryPoint
SHFileOperation
SHChangeNotify
SHUpdateRecycleBinIcon
SHInvokePrinterCommandW
DoEnvironmentSubstA
SHGetFileInfoW
SHAddToRecentDocs
SheChangeDirExW

kernel32

LeaveCriticalSection
TlsFree
EnterCriticalSection
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
IsBadWritePtr
HeapCreate
ExitProcess
GetStringTypeW
SetLastError
DeleteCriticalSection
HeapDestroy
GetProcAddress
GetOEMCP
GetCommandLineA
LoadLibraryA
VirtualQuery
VirtualFree
GetFileType
RtlUnwind
GetModuleHandleA
HeapReAlloc
VirtualAlloc
GetStringTypeA
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
SetHandleCount
FreeEnvironmentStringsA
LCMapStringW
TlsGetValue
FreeEnvironmentStringsW
TlsSetValue
GetEnvironmentStringsW
WriteFile
GetCPInfo
SystemTimeToTzSpecificLocalTime
LCMapStringA
GetVersion
QueryPerformanceCounter
GetStdHandle
TlsAlloc
GetCurrentProcessId
InterlockedExchange
GetTickCount
InitializeCriticalSection
GetStartupInfoA
UnhandledExceptionFilter
GetCurrentThread
GetACP
GetEnvironmentStrings
HeapAlloc
GetLastError
HeapFree

comdlg32

ReplaceTextW
PrintDlgW
GetFileTitleA
FindTextA
ChooseFontW
FindTextW
PrintDlgA
GetSaveFileNameW
PageSetupDlgW
GetFileTitleW
PageSetupDlgA
ReplaceTextA
LoadAlterBitmap
GetOpenFileNameW
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
ChooseColorW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dda948659b69642fa61289975682a2eb

Headers

File Characteristics

Imports

user32

wininet

gdi32

shell32

kernel32

comdlg32

Sections

.text Size: 137KB - Virtual size: 136KB

.data Size: 267KB - Virtual size: 267KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 137KB - Virtual size: 136KB

.data
Size: 267KB - Virtual size: 267KB

.rsrc
Size: 11KB - Virtual size: 11KB