Static task: static1
Behavioral task: behavioral1
Sample: 2132be2b5e4a551635114748e33af17d_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 2132be2b5e4a551635114748e33af17d_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 2132be2b5e4a551635114748e33af17d_JaffaCakes118
Size: 268KB
MD5: 2132be2b5e4a551635114748e33af17d
SHA1: f26c8bf68d3a0f3879d632d24ecbc0754b5ec9fd
SHA256: 7300747c1dc00004d4038cb320d2c59d6931606d03f8e476168ebf49cb060962
SHA512: d5f6d7b612fad61750dde38955f5200dde6de779ee60c70d75f89e858ac3a88eef008cb9fc8981b2cc8000a9af7b5ba54123319292c5a6e8bc21dd956e28ed2e
SSDEEP: 6144:+Rkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:+Rg+allJ0LcKNyR3SM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2132be2b5e4a551635114748e33af17d_JaffaCakes118
Files
2132be2b5e4a551635114748e33af17d_JaffaCakes118.exe windows:4 windows x86 arch:x86
6557903e39eb0fff6caac64e75d141e1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
iphlpapi
GetAdaptersInfo
kernel32
GetACP
GetThreadLocale
RaiseException
CompareFileTime
WaitForSingleObject
GetModuleHandleA
lstrlenW
lstrlenA
FreeLibrary
MoveFileA
GetWindowsDirectoryA
CreateEventA
CopyFileExA
GetSystemDirectoryA
CreateDirectoryA
GetThreadPriority
GetCurrentThreadId
GetLocalTime
GetCurrentDirectoryA
CreateMutexA
lstrcpynA
GetShortPathNameA
lstrcmpiA
LocalFree
CopyFileA
FileTimeToSystemTime
RemoveDirectoryA
SystemTimeToFileTime
IsValidCodePage
IsBadCodePtr
IsValidLocale
GetUserDefaultLCID
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
GetSystemInfo
GetProcAddress
user32
CharPrevA
PostMessageA
MessageBoxA
CharUpperA
GetSystemMetrics
advapi32
IsTextUnicode
ImpersonateLoggedOnUser
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ole32
CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance
oleaut32
SysFreeString
VariantClear
SysAllocStringByteLen
SysAllocString
shlwapi
PathFileExistsA
PathRemoveFileSpecA
cryptui
CryptUIDlgSelectCA
CryptUIDlgViewContext
CryptUIWizQueryCertRequestNoDS
CryptUIDlgViewCertificateW
CryptUIGetViewSignaturesPagesW
CryptUIDlgSelectCertificateW
msident
DllCanUnloadNow
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.Y Size: 4KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MoKn Size: 2KB - Virtual size: 234KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fFqpwT Size: 512B - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.SD Size: 3KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.LdU Size: 116KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.FUMIG Size: 1024B - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.a Size: 2KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.f Size: 1024B - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ANRgVD Size: 97KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bi Size: 3KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ