ffd7ff6867b6428e3a61972322cb5046_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffd7ff6867b6428e3a61972322cb5046_JaffaCakes118
Size

420KB
MD5

ffd7ff6867b6428e3a61972322cb5046
SHA1

7614e632c518186bfcbde1e08b4e63d2a773f8da
SHA256

4b6453b99e9d96153f628112e28014bea511fd81a4699d26de446eb46f3bf09b
SHA512

2876c646f7dfe037e7caac2b3f51da6829884e3bbc19d68817ac90cf3522d953bcebf84140f5b13e225590cf0f78d8e3cee91316526985d221ca335cf9337ff0
SSDEEP

12288:jmDBKrcYti9CMbS6OGIZGLzC2CUq4XikIdg74:jmDErx89CMbDd2MzwU/X+gE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd7ff6867b6428e3a61972322cb5046_JaffaCakes118

Files

ffd7ff6867b6428e3a61972322cb5046_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d29b576e8d22c5a71ed179b53953b5ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA

comdlg32

FindTextW

wininet

InternetAttemptConnect
UrlZonesDetach
CreateUrlCacheEntryW

gdi32

BitBlt
ExtEscape

kernel32

GetLocaleInfoW
GetComputerNameA
GetTickCount
GetCommandLineW
GetTimeZoneInformation
VirtualAlloc
GetProcAddress
GetModuleFileNameW
GetStartupInfoW
SetEnvironmentVariableA
CreateWaitableTimerW
TlsAlloc
WaitNamedPipeA
GetCurrentThreadId
HeapFree
GetLastError
TlsSetValue
HeapDestroy
GetStringTypeA
OpenMutexW
TlsGetValue
RtlUnwind
GetStringTypeW
MultiByteToWideChar
GetModuleHandleA
GetPrivateProfileSectionNamesW
GetModuleFileNameA
WideCharToMultiByte
InterlockedIncrement
UnhandledExceptionFilter
InterlockedDecrement
EnumSystemLocalesA
GetDateFormatA
FreeEnvironmentStringsW
IsValidCodePage
ReadConsoleA
GetACP
FreeLibrary
GetAtomNameW
EnterCriticalSection
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetTimeFormatA
CompareStringW
GetThreadLocale
GetStdHandle
LCMapStringA
LoadLibraryA
ExitProcess
TerminateProcess
FindAtomA
GetModuleHandleW
LeaveCriticalSection
GetOEMCP
MoveFileExA
GetCurrentProcess
Sleep
WriteFile
GetCurrentThread
GetFileType
SetLastError
LCMapStringW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GlobalFindAtomA
GetCurrentProcessId
GetPrivateProfileStructW
HeapAlloc
HeapCreate
GetDiskFreeSpaceExA
VirtualQuery
HeapSize
OpenProcess
SetHandleCount
TransmitCommChar
DeleteCriticalSection
LocalHandle
IsValidLocale
VirtualFree
SetUnhandledExceptionFilter
GetStartupInfoA
GetCPInfo
GetLocaleInfoA
SetThreadLocale
QueryPerformanceCounter
InterlockedExchange
CompareStringA
HeapReAlloc
GetUserDefaultLCID
TlsFree
IsDebuggerPresent
CreateDirectoryExA
TryEnterCriticalSection

user32

CharLowerBuffA
TabbedTextOutA
GetDoubleClickTime
LookupIconIdFromDirectory
DdeFreeStringHandle
GetParent
GetComboBoxInfo

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d29b576e8d22c5a71ed179b53953b5ce

Headers

File Characteristics

Imports

shell32

comdlg32

wininet

gdi32

kernel32

user32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 1KB - Virtual size: 1KB