0d99ebf62bb2ebb675fbff4e39db6aeb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d99ebf62bb2ebb675fbff4e39db6aeb_JaffaCakes118
Size

399KB
MD5

0d99ebf62bb2ebb675fbff4e39db6aeb
SHA1

497d8c1b84cfad42c9d68104016afcfe0a3baaf3
SHA256

1dfa44dece9ea0ca2f255a4c45ee0dfdd84c63565f5a59d7da7dc412dcff1893
SHA512

6180784a453bb41f4596ac7933699e45b1e825772c1e9d65a68a3e7f554f5a2a7e274eeeb8027aea96e9ce8c264fc1ec497df2a77c64a0768fbf062fcb9f5970
SSDEEP

12288:MxEWbzZRgjZPzh/ZHkYRlD/MNJpgGoohZAlU:+EotRglPtRlD/MPiGlhZgU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d99ebf62bb2ebb675fbff4e39db6aeb_JaffaCakes118

Files

0d99ebf62bb2ebb675fbff4e39db6aeb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28aa59970030340b511ab37050d34025

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
LoadAlterBitmap
GetFileTitleA
ChooseColorA
FindTextA
PrintDlgW
GetOpenFileNameA
ReplaceTextW
PageSetupDlgA
FindTextW
GetFileTitleW
PageSetupDlgW
PrintDlgA
ChooseFontA
ReplaceTextA
GetSaveFileNameA
ChooseColorW

shell32

InternalExtractIconListA
ShellExecuteA
SHGetFileInfoA
DragAcceptFiles
SHFileOperationW

wininet

InternetSetFilePointer
GopherOpenFileW
InternetCombineUrlW
FtpCommandA
SetUrlCacheEntryInfoA
InternetOpenW
CreateUrlCacheContainerW
RetrieveUrlCacheEntryStreamA
FtpPutFileW
InternetWriteFileExA
RetrieveUrlCacheEntryFileA
InternetGetCertByURLA
InternetConnectA
InternetQueryOptionW
InternetSetOptionW
InternetSecurityProtocolToStringW
InternetQueryDataAvailable
FtpSetCurrentDirectoryA

user32

CascadeWindows
CloseWindowStation
IsCharUpperW
SetMenuItemInfoA
MapVirtualKeyExW
CascadeChildWindows
ShowScrollBar
GetNextDlgTabItem
EnumDisplayMonitors
MapVirtualKeyExA
MessageBoxIndirectA

kernel32

GlobalReAlloc
TerminateProcess
HeapSize
HeapFree
GetEnvironmentStringsW
GetPriorityClass
GetTickCount
LeaveCriticalSection
GetCurrentThread
GetLocaleInfoW
HeapAlloc
VirtualQuery
GetVersionExA
GetStdHandle
GetConsoleCursorInfo
DebugBreak
IsValidCodePage
SetCurrentDirectoryA
GetCPInfo
GetDateFormatA
LocalAlloc
LCMapStringA
GetEnvironmentVariableW
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
VirtualQueryEx
GetStringTypeW
GetCommandLineA
SetEnvironmentVariableA
ExitProcess
GetCurrentProcessId
VirtualAlloc
SetHandleCount
LoadLibraryA
UnhandledExceptionFilter
GetModuleFileNameA
ResetEvent
TlsSetValue
GetLocaleInfoA
SetLastError
GetTimeFormatA
GetFileType
EnterCriticalSection
HeapDestroy
TlsAlloc
GetStringTypeA
VirtualProtect
FreeEnvironmentStringsW
GetLastError
DeleteAtom
GetCurrentProcess
GetTimeZoneInformation
LCMapStringW
GetCurrentThreadId
IsValidLocale
CompareStringW
GetACP
HeapCreate
TlsGetValue
GetSystemTimeAsFileTime
GetProcAddress
InterlockedExchange
VirtualFree
WriteFile
EnumSystemLocalesA
WideCharToMultiByte
GetStartupInfoA
GetUserDefaultLCID
LocalCompact
MultiByteToWideChar
GetSystemInfo
TlsFree
DeleteCriticalSection
QueryPerformanceCounter
GetEnvironmentStrings
CreateSemaphoreW
FreeEnvironmentStringsA
CompareStringA
GetModuleHandleA
GetOEMCP
RtlUnwind

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28aa59970030340b511ab37050d34025

Headers

File Characteristics

Imports

comdlg32

shell32

wininet

user32

kernel32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 269KB - Virtual size: 275KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 269KB - Virtual size: 275KB

.rsrc
Size: 12KB - Virtual size: 11KB