fd7b984a97a13665105b3f334e439507_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd7b984a97a13665105b3f334e439507_JaffaCakes118
Size

448KB
MD5

fd7b984a97a13665105b3f334e439507
SHA1

57c9317261badc424b6a32f3cc6570e970aff46b
SHA256

7b459b36046306cef6f07f451f0e08ce2c5531d5995fc380f09f04aa7c55a6e2
SHA512

4a57939ca21719f60fc1ccc0cd1cb9f6be58e99dc1aa6e94d23c58db3914f9ca297a1661f977f8fe8dd9797b3025c5b94dc22b3fae54d8f612252f7a313828a8
SSDEEP

12288:uQau/uISFfcQBIhABSFJ6zFAIgQq1H0joPSi:xn/nmf/8ABqJjsq1UjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd7b984a97a13665105b3f334e439507_JaffaCakes118

Files

fd7b984a97a13665105b3f334e439507_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bd82dab08839a7a5a123385adb08ee0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

RetrieveUrlCacheEntryFileW

comdlg32

FindTextA
PrintDlgA
PrintDlgW

kernel32

GetCPInfo
HeapSize
EnumSystemLocalesA
FreeLibrary
IsDebuggerPresent
GetEnvironmentStringsW
GetModuleHandleA
SetConsoleCtrlHandler
GetTimeFormatA
IsValidCodePage
ExitProcess
MultiByteToWideChar
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
VirtualAlloc
GetCurrentProcess
HeapAlloc
GetLocaleInfoA
HeapCreate
GetTimeZoneInformation
QueryPerformanceCounter
InterlockedExchange
CreateFileW
VirtualQuery
GetLocaleInfoW
EnterCriticalSection
RtlUnwind
IsValidLocale
TerminateThread
SetEnvironmentVariableA
GetModuleFileNameA
TlsFree
SetThreadAffinityMask
LCMapStringW
DeleteCriticalSection
GetOEMCP
CompareStringA
CompareStringW
GetTickCount
WideCharToMultiByte
SetHandleCount
GetProcAddress
HeapFree
GetModuleFileNameW
GetStartupInfoA
GetStringTypeW
SetLastError
GetStdHandle
GetDateFormatA
HeapReAlloc
GetCommandLineW
LoadLibraryA
UnhandledExceptionFilter
VirtualFree
GetDateFormatW
Sleep
InterlockedIncrement
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetCurrentProcessId
GetStringTypeA
TlsGetValue
TerminateProcess
HeapDestroy
WriteFile
GetModuleHandleW
SetUnhandledExceptionFilter
GetCurrentThread
TlsSetValue
FreeEnvironmentStringsW
GetACP
LCMapStringA
EnumDateFormatsA
GetLastError
EnumSystemCodePagesW
LeaveCriticalSection
GetFileType
GetCurrentThreadId
TlsAlloc
GetConsoleCursorInfo

gdi32

GetRandomRgn
GetCharWidthFloatW
ExtEscape

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bd82dab08839a7a5a123385adb08ee0

Headers

File Characteristics

Imports

wininet

comdlg32

kernel32

gdi32

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 8KB - Virtual size: 19KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 8KB - Virtual size: 19KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 13KB - Virtual size: 12KB