22ca1cdb637f0feb5831f1a7964fdd24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22ca1cdb637f0feb5831f1a7964fdd24_JaffaCakes118
Size

411KB
MD5

22ca1cdb637f0feb5831f1a7964fdd24
SHA1

261848c9565f3050f0f37e9b25343740aa9c6a44
SHA256

30a5eb8254643fe53f7402efd92bb9c3b706deed3fdaac06dcbcfab136372041
SHA512

d220a35f5a71f766f21f796fd0f616c03d24581756a6bd251c01265ffb66a79a619d62ba343ee83c344f3ef87866516b79de312bdb9b68c2182d4017549a2d06
SSDEEP

12288:a4tlOA+hA68vDPwItj4M9sdefMAuAPKP4:a41C87Pvtjp6dhAuAPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22ca1cdb637f0feb5831f1a7964fdd24_JaffaCakes118

Files

22ca1cdb637f0feb5831f1a7964fdd24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c80ed85239b984d2bcb9eb2c6dfe986

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryGroup
FtpGetCurrentDirectoryA
InternetSetOptionExW
InternetCrackUrlA

comdlg32

ReplaceTextW
PrintDlgA
PageSetupDlgW
GetSaveFileNameW

shell32

SHFormatDrive
SHEmptyRecycleBinW
ExtractIconW
SHInvokePrinterCommandA
SHBrowseForFolder
ExtractIconEx
InternalExtractIconListW
SHAppBarMessage
SheChangeDirExW
SHFileOperationW
ShellExecuteA
SHLoadInProc
DoEnvironmentSubstA
ExtractIconExW
SHGetSettings

advapi32

RegEnumValueA
RegConnectRegistryW
GetUserNameW
RegReplaceKeyW
RegSaveKeyA
CryptSignHashW
LogonUserA
CryptAcquireContextW
CryptDuplicateHash
RegCreateKeyA
ReportEventW
RegQueryValueA
CryptDestroyKey
CryptSignHashA
CryptGetHashParam
RegRestoreKeyW
RegSetKeySecurity
CryptReleaseContext

kernel32

GetLocaleInfoA
lstrcmp
GetEnvironmentVariableW
VirtualAlloc
GetStdHandle
SetStdHandle
GetModuleFileNameA
lstrcpyn
FreeLibrary
GetEnvironmentStringsW
LoadLibraryA
IsDebuggerPresent
TerminateProcess
InterlockedCompareExchange
GetVersionExA
lstrcpyA
RtlUnwind
EnumResourceLanguagesW
TlsAlloc
HeapReAlloc
InitializeCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleA
LCMapStringW
GetCPInfo
SetLastError
ExitProcess
SetTimeZoneInformation
IsValidLocale
IsValidCodePage
InterlockedIncrement
SetConsoleCtrlHandler
CreateThread
GetAtomNameA
VirtualQuery
TlsFree
GetFileType
GetTimeFormatA
SetHandleCount
UnhandledExceptionFilter
WideCharToMultiByte
GetStartupInfoA
HeapDestroy
GetCommandLineA
CompareStringW
Sleep
ReleaseMutex
FindNextChangeNotification
InterlockedExchange
GetLastError
LeaveCriticalSection
GetTimeZoneInformation
GetProcAddress
VirtualFree
GlobalAlloc
QueryPerformanceCounter
GetACP
HeapAlloc
HeapSize
MultiByteToWideChar
GetUserDefaultLCID
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetLocaleInfoW
GetTickCount
GetConsoleTitleA
WritePrivateProfileSectionW
TlsSetValue
WriteFile
DeleteCriticalSection
InterlockedDecrement
GetCurrentThread
GetStringTypeW
EnumSystemLocalesA
FreeEnvironmentStringsW
GetExitCodeProcess
LCMapStringA
EnterCriticalSection
CompareStringA
GetOEMCP
GetCurrentProcessId
SetEnvironmentVariableA
TlsGetValue
DeleteAtom
GetCurrentProcess
GetProcessShutdownParameters
HeapCreate
GetProcessHeap
GetStringTypeA
HeapFree
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c80ed85239b984d2bcb9eb2c6dfe986

Headers

File Characteristics

Imports

wininet

comdlg32

shell32

advapi32

kernel32

Sections

.text Size: 127KB - Virtual size: 127KB

.data Size: 274KB - Virtual size: 303KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 127KB - Virtual size: 127KB

.data
Size: 274KB - Virtual size: 303KB

.rsrc
Size: 8KB - Virtual size: 8KB