1608dfd9a7ed59804a1e35ae7e7e3f9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1608dfd9a7ed59804a1e35ae7e7e3f9f_JaffaCakes118
Size

446KB
MD5

1608dfd9a7ed59804a1e35ae7e7e3f9f
SHA1

f049d1d478cb6d9532c5239cb0a998bd715f630b
SHA256

da17658002b1b78baef0ce167b555d3e60c5557658747e97d44270849a6ac710
SHA512

eecb9cd82c4e12911c09dfd50b5fc54805cae6fc8327ef6a07db430d8ccd3e648ed0463d06d7b8315a1b0f1366c174891d0d0fa351046c4ac4b0057734603515
SSDEEP

12288:K7MQ0Isuzgwcv/3q8dsqFUEvQwA32ipieruUYtNCVCx:K7MQ40gwcv/3JJFuwhiUerurtwV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1608dfd9a7ed59804a1e35ae7e7e3f9f_JaffaCakes118

Files

1608dfd9a7ed59804a1e35ae7e7e3f9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cbae0462d79af727e7008c085103644

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetFilePointer

kernel32

ExitProcess
LeaveCriticalSection
HeapCreate
FreeEnvironmentStringsA
LCMapStringA
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
LCMapStringW
Sleep
TlsGetValue
GetCPInfo
EnumResourceNamesA
EnterCriticalSection
TlsFree
SetLastError
GetTickCount
GetStdHandle
GetOEMCP
GetCommandLineA
GlobalDeleteAtom
GetStringTypeW
GetProcAddress
InterlockedDecrement
GetACP
GetStartupInfoA
IsValidLocale
EnumSystemLocalesA
CompareStringA
HeapAlloc
GetModuleFileNameA
HeapSize
HeapFree
GetTimeZoneInformation
TlsAlloc
CompareStringW
FreeEnvironmentStringsW
GetCurrentProcess
WriteFile
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
GetCurrentProcessId
GetEnvironmentStringsW
SetHandleCount
GetFileType
InterlockedIncrement
FreeLibrary
UnhandledExceptionFilter
SetConsoleCtrlHandler
IsValidCodePage
GetLocaleInfoA
VirtualAlloc
GetLocaleInfoW
GetTimeFormatA
SetEnvironmentVariableA
GetCurrentThreadId
GetModuleHandleA
WideCharToMultiByte
TlsSetValue
GetSystemTimeAsFileTime
TerminateProcess
GetEnvironmentStrings
GetDateFormatA
VirtualFree
HeapDestroy
LoadLibraryA
GetStringTypeA
GetLastError
FindFirstFileW
QueryPerformanceCounter
GetCurrentThread
VirtualQuery
HeapReAlloc
GetUserDefaultLCID
DeleteCriticalSection
InterlockedExchange
GetModuleHandleW
CreateWaitableTimerA

user32

ActivateKeyboardLayout
GetMenuDefaultItem
EnableMenuItem
GetMonitorInfoA
GetClipboardFormatNameA
SetCapture
ScrollWindowEx
SetDlgItemTextA
CharPrevW
SetMenu
IsCharAlphaNumericA
SetKeyboardState
GetMenuItemRect
SetMenuInfo
EditWndProc
GetWindowTextLengthW
GetShellWindow
DdeFreeDataHandle
SetCaretBlinkTime
InSendMessageEx
DdeGetData
GetProcessDefaultLayout

comdlg32

PageSetupDlgW
FindTextA
GetFileTitleW

shell32

SHEmptyRecycleBinA
ShellExecuteW
ExtractIconEx
ExtractIconExA
SHGetDataFromIDListA

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cbae0462d79af727e7008c085103644

Headers

File Characteristics

Imports

wininet

kernel32

user32

comdlg32

shell32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 9KB - Virtual size: 16KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 9KB - Virtual size: 16KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 6KB - Virtual size: 6KB