02fe6d4d38657f385cb283cdb4c9bfea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02fe6d4d38657f385cb283cdb4c9bfea_JaffaCakes118
Size

323KB
MD5

02fe6d4d38657f385cb283cdb4c9bfea
SHA1

1c6e84538ab96d6539539a4b2e53656ebb429e44
SHA256

6d7116c1acfb8020a311d86c529ead43447021b75af40544a084792e884b7065
SHA512

557208e668f2105c66efe7532c83c1e5e019194db8515d5755d10d0ff2750d5579d842ed94a00553fc09ca0dfb62e58663e4146f0426906a53cb98e46d650dd2
SSDEEP

6144:XL8cM5jRoTE2A8Sg8u7fXqUcmPMfTYVOCaT4HukRJNp8:bRWRoI2QuLXnG7aa8HuyHC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02fe6d4d38657f385cb283cdb4c9bfea_JaffaCakes118

Files

02fe6d4d38657f385cb283cdb4c9bfea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b4efefe20d5fadb81eb7b43037c7de7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
InitializeSecurityDescriptor

gdi32

SetROP2

wininet

FindFirstUrlCacheEntryExA

kernel32

WideCharToMultiByte
GetUserDefaultLCID
LCMapStringA
HeapFree
GetLastError
GetStartupInfoA
GetModuleHandleA
EnumSystemLocalesA
GetModuleFileNameA
GetStdHandle
GetFileType
TlsAlloc
GetTickCount
SetEnvironmentVariableA
ExitProcess
CompareStringW
HeapCreate
EnterCriticalSection
GetCurrentProcessId
VirtualFree
TlsSetValue
RtlUnwind
LoadLibraryA
GetTimeFormatA
GetLocaleInfoA
VirtualProtect
HeapReAlloc
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
QueryPerformanceCounter
TerminateProcess
IsValidCodePage
GetProcAddress
FreeEnvironmentStringsA
TlsFree
UnhandledExceptionFilter
LCMapStringW
WriteFile
GetCurrentThreadId
LeaveCriticalSection
GetCPInfo
HeapAlloc
GetACP
InterlockedExchange
GetSystemInfo
GetModuleFileNameW
GetDateFormatA
GetTimeZoneInformation
IsBadWritePtr
GetOEMCP
DeleteCriticalSection
CompareStringA
GetEnvironmentStringsW
InitializeCriticalSection
HeapDestroy
VirtualQuery
GetStringTypeW
GetEnvironmentStrings
MultiByteToWideChar
GetLocaleInfoW
GetCurrentThread
IsValidLocale
HeapSize
GetCommandLineA
SetLocalTime
VirtualAlloc
SetLastError
TlsGetValue
GetStringTypeA
GetVersionExA
SetHandleCount
GetCurrentProcess

comdlg32

PrintDlgW
ChooseColorA
GetOpenFileNameA

user32

DialogBoxParamW
InvalidateRect
UnhookWindowsHookEx
SystemParametersInfoA
RegisterDeviceNotificationW
TrackPopupMenu
InflateRect
GetDlgItemTextA
MsgWaitForMultipleObjectsEx
RemovePropA
GetKeyboardLayoutNameW
IsZoomed
GetDoubleClickTime

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b4efefe20d5fadb81eb7b43037c7de7

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

kernel32

comdlg32

user32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 7KB - Virtual size: 30KB

.data Size: 172KB - Virtual size: 172KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 7KB - Virtual size: 30KB

.data
Size: 172KB - Virtual size: 172KB

.rsrc
Size: 11KB - Virtual size: 10KB