Static task: static1
Behavioral task: behavioral1
Sample: 1a5a81c2e3177d2b33d0cbfd53e3bee7_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 1a5a81c2e3177d2b33d0cbfd53e3bee7_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 1a5a81c2e3177d2b33d0cbfd53e3bee7_JaffaCakes118
Size: 169KB
MD5: 1a5a81c2e3177d2b33d0cbfd53e3bee7
SHA1: 3ee7f4075948be31642f012a1c5c3e49cac50533
SHA256: 74e1364c85e7700b70ae2dc046712e5ae5b8cf1c3b7bc0427638d89bb1a1610d
SHA512: d245eeae700cd0e652bf6b38ad98bf6acae6a0e5af399be7983fcede2d4863082c941ed60a43ec6131fd099f134b4480e31965c85e34c6e6e2c73b7bbfa43c6b
SSDEEP: 3072:1B57ejtH5yLQqQL3AjK0UI1UKsBHMGV7tpDfXDAvS6MPNX8UaM3+eSeFAc:1T7e5H5CQ7WK2eKlmpXmS6eX5aM3zAc
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1a5a81c2e3177d2b33d0cbfd53e3bee7_JaffaCakes118
Files
1a5a81c2e3177d2b33d0cbfd53e3bee7_JaffaCakes118.exe windows:4 windows x86 arch:x86
f7d2bedc106862be6c9f4783e4907ddd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExW
CreatePipe
SetUnhandledExceptionFilter
SetErrorMode
DuplicateHandle
OpenMutexW
CreateMutexW
RemoveDirectoryW
MoveFileW
CreateEventW
GetVersion
LocalFree
LocalAlloc
CloseHandle
GetFileSize
GetEnvironmentVariableW
CreateFileW
SetTapePosition
FlushFileBuffers
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
SetFilePointer
GetLastError
HeapAlloc
GetModuleFileNameA
WriteFile
RtlUnwind
GetShortPathNameW
PeekNamedPipe
SetEndOfFile
GetCurrentThread
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetStdHandle
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoW
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
user32
SetWindowTextW
CallNextHookEx
CheckDlgButton
GetIconInfo
IsDialogMessageW
LoadBitmapW
DrawIconEx
DrawEdge
IsDlgButtonChecked
GetKeyNameTextW
SendMessageW
gdi32
TextOutW
Escape
RectVisible
wininet
InternetCanonicalizeUrlW
InternetSetOptionExW
InternetOpenW
InternetQueryDataAvailable
HttpQueryInfoW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
InternetOpenUrlW
InternetGetLastResponseInfoW
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 339KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ