22a54e8be7f8674dbdb62e6e0632431b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22a54e8be7f8674dbdb62e6e0632431b_JaffaCakes118
Size

313KB
MD5

22a54e8be7f8674dbdb62e6e0632431b
SHA1

fb9bfd5edd7c7d46606ce0fe22f1d0c5cabf9589
SHA256

48bfdbcdb9740ef2ac11ce99bbeb642270d289f1bde99551081e8aeae934c767
SHA512

03c7a42fdc6313d8f48513ae7e600fa376b5966b77372174efc2167439492407d00dc807b070e7104874b98e3929e2585a4ec64ff322508f3561f9d5becc55b8
SSDEEP

6144:awt9KF7pXBmKKQjZTCa5lhlxlS+RZqIGxVQXT+rXILdQXI5f3PwJsHMeUdKhbc+d:fYF7pLRBlhlxlS+RZqI6VQXTCXILdQXG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22a54e8be7f8674dbdb62e6e0632431b_JaffaCakes118

Files

22a54e8be7f8674dbdb62e6e0632431b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a8ec842a48a12f252e58fe9a7474d89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

GetUserObjectInformationW
GetDlgCtrlID
ReuseDDElParam
DdeQueryConvInfo
DdeQueryStringW
RegisterClassA
RegisterClassExA
RemovePropW
GetNextDlgGroupItem
GetUpdateRgn
GetWindowModuleFileNameW
SystemParametersInfoW

wininet

HttpQueryInfoW
ShowSecurityInfo

kernel32

DeleteCriticalSection
GetCurrentThreadId
GetConsoleMode
CreateFileA
TlsFree
HeapCreate
SetEnvironmentVariableA
VirtualFree
HeapReAlloc
TlsGetValue
SetHandleCount
GetCurrentThread
GetStdHandle
SetUnhandledExceptionFilter
TlsSetValue
GetOEMCP
WriteProfileSectionA
GetModuleHandleA
GetLocaleInfoW
GetTimeZoneInformation
TerminateProcess
GetTickCount
GetModuleFileNameA
EnumSystemLocalesA
InitializeCriticalSection
GetEnvironmentStringsW
LCMapStringW
IsValidLocale
SetLastError
GetCurrentProcessId
LCMapStringA
FlushFileBuffers
ReleaseSemaphore
UnhandledExceptionFilter
MultiByteToWideChar
CloseHandle
GetSystemTimeAsFileTime
SetCriticalSectionSpinCount
GetLocalTime
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetACP
GetUserDefaultLCID
GetLastError
InterlockedIncrement
GetProcAddress
CompareStringW
CompareStringA
GetVersionExA
TlsAlloc
ExitProcess
GetConsoleCP
VirtualAlloc
GetStringTypeW
GetEnvironmentStrings
HeapAlloc
WriteConsoleW
GetStringTypeA
InterlockedDecrement
RtlUnwind
GetConsoleOutputCP
EnterCriticalSection
GetCommandLineA
CreateSemaphoreA
OpenMutexA
SetFilePointer
LoadLibraryA
IsDebuggerPresent
GetProcessHeap
GetTimeFormatA
IsValidCodePage
LeaveCriticalSection
GetStartupInfoA
ReadFile
QueryPerformanceCounter
HeapSize
GetCPInfo
WriteConsoleA
SetConsoleCtrlHandler
SetStdHandle
HeapFree
Sleep
FreeLibrary
GetFileType
WriteFile
WideCharToMultiByte
GetCurrentProcess
HeapDestroy
CreateMutexA
VirtualQuery
GetLocaleInfoA
GetDateFormatA
InterlockedExchange

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a8ec842a48a12f252e58fe9a7474d89

Headers

File Characteristics

Imports

comctl32

user32

wininet

kernel32

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 9KB - Virtual size: 31KB

.data Size: 146KB - Virtual size: 145KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 9KB - Virtual size: 31KB

.data
Size: 146KB - Virtual size: 145KB

.rsrc
Size: 12KB - Virtual size: 11KB