23441bdd88abbca1f0c19d6f725cbf33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

23441bdd88abbca1f0c19d6f725cbf33_JaffaCakes118
Size

569KB
MD5

23441bdd88abbca1f0c19d6f725cbf33
SHA1

78438e55731f04b4a5011d4666ec42f2ebb2326c
SHA256

0b279b783305bcbaac2f42593579091434ea56f39459b757471f054038e01541
SHA512

5ca6cd33bf2a6f9b7dfcdfc4b48f6467461cbfd46a630ac3fb42a5fdf661696a057df67a6e5a46c152272910e58bd730ed5bb7b039cb5d7f947733f4e615b182
SSDEEP

12288:qtHz3lQ2b8dcWpD5GHzIVw27IVFvbCRmCxZgL/UTtK+UhhIHS:qT+SmXDIHowyO2R/xZgrUpG/c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23441bdd88abbca1f0c19d6f725cbf33_JaffaCakes118

Files

23441bdd88abbca1f0c19d6f725cbf33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e3ff70bfaec5eefa027520e21589973

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
MultiByteToWideChar
VirtualQuery
WriteFile
GetProcAddress
TerminateProcess
TlsGetValue
GetCurrentThread
LeaveCriticalSection
GetEnvironmentStringsW
InterlockedDecrement
GetStringTypeW
EnterCriticalSection
GetCurrentProcess
GetCurrencyFormatW
GetWindowsDirectoryW
GetModuleHandleA
WideCharToMultiByte
GetCommandLineA
SetLastError
VirtualAlloc
ReadFile
GetLocalTime
FormatMessageA
GetStartupInfoA
CloseHandle
CompareStringA
GetStdHandle
HeapAlloc
GetVersion
TlsSetValue
InitializeCriticalSection
GetComputerNameW
LCMapStringW
GetTimeFormatW
SetEnvironmentVariableA
GetFileType
GetCurrentProcessId
OpenMutexA
FreeEnvironmentStringsW
VirtualFree
FlushFileBuffers
FlushInstructionCache
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetTickCount
ExitProcess
SetFileAttributesW
GetLastError
FreeEnvironmentStringsA
CompareStringW
WaitCommEvent
DeleteCriticalSection
HeapDestroy
QueryPerformanceCounter
GetEnvironmentStrings
SetHandleCount
TlsAlloc
RtlUnwind
LCMapStringA
GetCPInfo
GetSystemTime
GetOEMCP
IsBadWritePtr
CreateMutexA
SetFilePointer
SetStdHandle
GetModuleFileNameA
TlsFree
InterlockedExchange
GetTimeZoneInformation
HeapCreate
UnhandledExceptionFilter
TryEnterCriticalSection
GetCurrentThreadId
InterlockedIncrement
HeapFree
GetFileAttributesA
GetSystemTimeAsFileTime

comctl32

InitCommonControlsEx

wininet

CreateUrlCacheGroup
GetUrlCacheEntryInfoW
InternetGetConnectedState
GopherGetLocatorTypeA
InternetReadFile
RetrieveUrlCacheEntryFileA
FtpPutFileW
GetUrlCacheEntryInfoExA
UnlockUrlCacheEntryStream

shell32

SHBrowseForFolderW
SheChangeDirA

user32

SystemParametersInfoA
RegisterClassA
GetWindowModuleFileNameA
DdeGetLastError
GetWindowModuleFileNameW
RegisterClassExA
GetUserObjectInformationW

gdi32

EnableEUDC
SetMapMode
EnumFontFamiliesExA
GetFontData
SetBitmapDimensionEx
GetRgnBox
GetCurrentObject
GetBkMode
GetRasterizerCaps
GdiSetBatchLimit
CreateMetaFileW
CreateDIBPatternBrushPt
GetSystemPaletteEntries
ColorCorrectPalette
GetRegionData
StrokePath
ResizePalette

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e3ff70bfaec5eefa027520e21589973

Headers

File Characteristics

Imports

kernel32

comctl32

wininet

shell32

user32

gdi32

Sections

.text Size: 193KB - Virtual size: 192KB

.rdata Size: 4KB - Virtual size: 12KB

.data Size: 358KB - Virtual size: 357KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 193KB - Virtual size: 192KB

.rdata
Size: 4KB - Virtual size: 12KB

.data
Size: 358KB - Virtual size: 357KB

.rsrc
Size: 12KB - Virtual size: 12KB