600b0bc2b5ebfa96cea2f6e09dd4f873_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

600b0bc2b5ebfa96cea2f6e09dd4f873_JaffaCakes118
Size

2.1MB
MD5

600b0bc2b5ebfa96cea2f6e09dd4f873
SHA1

3569cd92ce73b695d3d70cdfdce7db9c93296693
SHA256

2d8ccbafe92c4087366237285bda7e3041fcd45d12a33dceda5d2a939fdf6118
SHA512

712997a0a243c5cbcf78d41223d6edb13b19dba90cc8a419ccddf4bd299c8692f2e4ba6e9f2fc049fc3b1316b28ff77d2585a453eff407cf4fea36c2f053b6db
SSDEEP

24576:b6zL1hE8QRrg7ghM6qdIW3gWWiju4UFffodffPDKw1MAqh8QrCx/j:bC9WrUTfLUFoZWwchlg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
600b0bc2b5ebfa96cea2f6e09dd4f873_JaffaCakes118

Files

600b0bc2b5ebfa96cea2f6e09dd4f873_JaffaCakes118
.exe windows:5 windows x86 arch:x86

13367685b06a452f2265937aaa809770

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUniversalNameW

kernel32

GetUserDefaultLCID
GetLocaleInfoW
LocalAlloc
DeleteFileW
GetFullPathNameW
CreateDirectoryW
GetCommandLineW
CreateFileMappingW
CreateEventW
FormatMessageW
GetLocalTime
GetSystemTimeAsFileTime
GetSystemTime
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetLastError
GetEnvironmentStringsW
HeapFree
VirtualAlloc

wininet

InternetOpenUrlW

wintrust

WTHelperProvDataFromStateData
CryptCATAdminAcquireContext
CryptCATAdminReleaseCatalogContext
WTHelperGetProvSignerFromChain

comctl32

CreatePropertySheetPageW
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Remove
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
PropertySheetW
CreateToolbarEx
CreateStatusWindowW
FlatSB_GetScrollInfo
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_GetScrollPos
ImageList_GetImageInfo

secur32

InitializeSecurityContextW
FreeCredentialsHandle

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ichc
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13367685b06a452f2265937aaa809770

Headers

File Characteristics

Imports

mpr

kernel32

wininet

wintrust

comctl32

secur32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.data Size: 512B - Virtual size: 64.4MB

.idata Size: 2KB - Virtual size: 1KB

.ichc Size: 331KB - Virtual size: 330KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 512B - Virtual size: 64.4MB

.idata
Size: 2KB - Virtual size: 1KB

.ichc
Size: 331KB - Virtual size: 330KB

.rsrc
Size: 9KB - Virtual size: 12KB