339800289e29184eef7c6436b5e7e9dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

339800289e29184eef7c6436b5e7e9dd_JaffaCakes118
Size

342KB
MD5

339800289e29184eef7c6436b5e7e9dd
SHA1

6376defdde7ad1d66435a404d53d22fa300e9e91
SHA256

785162637380f917a4f3a187ab532a1f0d408ff892324af32c6d962ecf2d67db
SHA512

693a8043cb0cd0cab0c16ab58ba71ad06649c5c8542778101202c1ff134ecd17e6dbc93b0a9d0d226e54033a59bcd6d02de5d5e2f9372a3da74ac5d84a138f7b
SSDEEP

6144:mJ3QlXostZZ/NdY8rYLEI0TYI5O5BElojUjlQsAUUwvONJ41FaiAOzh4oA9:mJanF1dpI0Th5O5BqojUuqvONJw7vo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
339800289e29184eef7c6436b5e7e9dd_JaffaCakes118

Files

339800289e29184eef7c6436b5e7e9dd_JaffaCakes118
.exe windows:6 windows x86 arch:x86

54100fc203c645ee5560f801621ae4d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNativeSystemInfo
HeapAlloc
GetProcAddress
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetModuleFileNameA
Process32First
WriteProcessMemory
GetCurrentProcess
WriteFile
TerminateProcess
SetErrorMode
InitializeCriticalSectionEx
CreateMutexA
ResumeThread
OpenProcess
CreateToolhelp32Snapshot
Sleep
CopyFileA
GetLastError
GetFileAttributesA
CreateFileA
GetCurrentThread
GetVersionExA
LoadLibraryA
CloseHandle
RaiseException
GetSystemInfo
SetFileAttributesA
DecodePointer
GetThreadContext
VirtualAllocEx
DeleteCriticalSection
VerSetConditionMask
ReadProcessMemory
GetCurrentProcessId
GlobalMemoryStatusEx
VerifyVersionInfoW
CreateProcessA
CreateDirectoryA
SetThreadContext
QueryPerformanceCounter
IsDebuggerPresent
GetComputerNameA
SetUnhandledExceptionFilter
SetEndOfFile
WriteConsoleW
CreateFileW
HeapSize
SetStdHandle
GetModuleHandleA
VirtualAlloc
VirtualFree
SetLastError
HeapFree
VirtualProtect
Process32Next
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
DeleteFileW
ReadConsoleW
ReadFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapReAlloc
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
SetFilePointerEx
WideCharToMultiByte
GetCurrentThreadId
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
LocalFree
SetEvent
CreateThread
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
ExitProcess
GetModuleHandleExW
ExitThread
GetStdHandle
GetFileSizeEx

user32

GetDesktopWindow

advapi32

RegOpenKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA
RegDeleteValueA
GetTokenInformation
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
SysStringLen
SysAllocString
SysFreeString
VariantInit

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
HttpOpenRequestA
HttpSendRequestA
InternetConnectA

urlmon

URLOpenBlockingStreamA

netapi32

NetWkstaGetInfo
NetApiBufferFree

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54100fc203c645ee5560f801621ae4d0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

urlmon

netapi32

Sections

.text Size: 250KB - Virtual size: 250KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 250KB - Virtual size: 250KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 12KB - Virtual size: 11KB