25158c0e2135560df4bb4b256b23984f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

25158c0e2135560df4bb4b256b23984f_JaffaCakes118
Size

2.3MB
MD5

25158c0e2135560df4bb4b256b23984f
SHA1

ea6c72df85576f48bcc4f7846898756f5b289eb8
SHA256

d3fe1c8a067fc2f7c41465840f533e19347785e43187efbf9f2d88042b2e98da
SHA512

e7c2838f41ec8fcb471f57eb69c3373486d9775956e36a13e6b8f4f874b1f740d06c7758051d24323cc9231e0f9f12a89e9ce08ff10343e4bd8de15475f8c81f
SSDEEP

24576:vtzc5S6TJ3haQuonzUcWCNC7Z8HiRW2LUWkVev4mcbnAX0beP0EU:vtziT6Vc0kiRWVWZvhczAcuU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25158c0e2135560df4bb4b256b23984f_JaffaCakes118

Files

25158c0e2135560df4bb4b256b23984f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be7e591938fdd77e1c9298a444be6993

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpAddRequestHeadersW
InternetOpenUrlW
InternetConnectW

crypt32

CertSetCertificateContextProperty
CryptProtectData
CryptQueryObject
CertGetNameStringW
CryptFindOIDInfo
CryptMsgOpenToDecode
CryptMsgClose
CryptMsgGetParam
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertFreeCRLContext
CertGetEnhancedKeyUsage
CertGetPublicKeyLength
CryptHashCertificate
CryptExportPKCS8
CertNameToStrW

user32

MapDialogRect
DestroyCursor
GetTopWindow
CopyRect
WindowFromPoint
ShowCursor
GetScrollPos
ValidateRect
InvalidateRect
GetMenuDefaultItem
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GetMenu
MsgWaitForMultipleObjectsEx
RegisterClipboardFormatW
EndDialog
DialogBoxParamW
IsIconic
ShowOwnedPopups
IsChild
IsWindow
ReplyMessage
SetMessageExtraInfo
DrawEdge

kernel32

IsValidCodePage
GetACP
MultiByteToWideChar
IsDebuggerPresent
IsProcessorFeaturePresent
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
RtlUnwind
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
LocalAlloc
LocalLock
VirtualAlloc
HeapFree
FreeEnvironmentStringsW
IsSystemResumeAutomatic
ReleaseSemaphore
WaitForSingleObject
SizeofResource
SetFilePointer
FileTimeToLocalFileTime
TlsFree
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
OutputDebugStringW
FindResourceW
GetFullPathNameW
CreateFileW
GetFileAttributesW
DeleteFileW
FindNextFileW
BuildCommDCBAndTimeoutsW
GetUserDefaultLCID
GetConsoleWindow
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetOEMCP

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHBrowseForFolderW
CommandLineToArgvW

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 803KB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a24s
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6o0r
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h65tr1
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.f1sad
Size: 417KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be7e591938fdd77e1c9298a444be6993

Headers

File Characteristics

Imports

wininet

crypt32

user32

kernel32

shell32

Sections

.text Size: 122KB - Virtual size: 121KB

.data Size: 803KB - Virtual size: 7.9MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.a24s Size: 175KB - Virtual size: 175KB

.6o0r Size: 299KB - Virtual size: 299KB

.h65tr1 Size: 405KB - Virtual size: 405KB

.f1sad Size: 417KB - Virtual size: 416KB

.rsrc Size: 99KB - Virtual size: 99KB

.text
Size: 122KB - Virtual size: 121KB

.data
Size: 803KB - Virtual size: 7.9MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.a24s
Size: 175KB - Virtual size: 175KB

.6o0r
Size: 299KB - Virtual size: 299KB

.h65tr1
Size: 405KB - Virtual size: 405KB

.f1sad
Size: 417KB - Virtual size: 416KB

.rsrc
Size: 99KB - Virtual size: 99KB