238894b27134a9dd77cf9ee7be986716_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

238894b27134a9dd77cf9ee7be986716_JaffaCakes118
Size

466KB
MD5

238894b27134a9dd77cf9ee7be986716
SHA1

67c4dc1f3cdbae76cf1a54964b8a731360fc5f3b
SHA256

ecea73b4448a3030eb0383646bf10907ec522bb95195288dcc79d6e7ad299b3a
SHA512

d0859e910c859c97347fe026e60192fcbc889686f177a13124f9141ba7b320ec0e4009920de2d5ba2b66d53a4d8f3dd398caa5572f4feef5129dfbe6a0675059
SSDEEP

12288:dbYGXAeQ2bZ4y7Ok1xqK8r3OFoW53Mhvfz:db94iZl1xqK8r+FoWVMhvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
238894b27134a9dd77cf9ee7be986716_JaffaCakes118

Files

238894b27134a9dd77cf9ee7be986716_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7c6ce4f47b4c160905740f55e647696

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
HeapCreate
CompareFileTime
VirtualUnlock
GetStdHandle
CompareStringA
HeapAlloc
LoadLibraryA
UnhandledExceptionFilter
SetEnvironmentVariableA
WriteFile
GetCPInfo
CreateMailslotA
GetCommandLineA
TlsGetValue
TlsSetValue
FreeLibrary
GetTimeFormatA
GetTimeZoneInformation
SetThreadPriority
TlsAlloc
GetEnvironmentStringsW
GetUserDefaultLCID
GetFileType
lstrcatW
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetStringTypeW
GetProcAddress
DeleteCriticalSection
GetStringTypeA
HeapFree
SetLastError
GetEnvironmentStrings
EnumTimeFormatsA
InterlockedDecrement
VirtualQuery
SetConsoleCtrlHandler
InterlockedIncrement
SetUnhandledExceptionFilter
GetACP
IsDebuggerPresent
VirtualFree
GetStartupInfoA
HeapReAlloc
MultiByteToWideChar
ExitProcess
CompareStringW
CreateFileW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LCMapStringA
GetModuleHandleA
GetLocaleInfoW
IsValidCodePage
IsValidLocale
GetCurrentThreadId
Sleep
HeapDestroy
GetDateFormatA
GetModuleHandleW
GetCurrentProcessId
GetModuleFileNameA
LCMapStringW
GetCurrentThread
RemoveDirectoryA
GetTickCount
HeapSize
FreeEnvironmentStringsA
GetLocaleInfoA
TlsFree
SetHandleCount
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
InterlockedExchange
LeaveCriticalSection
EnumSystemLocalesA
EnterCriticalSection
GetOEMCP
SetThreadLocale

comdlg32

PageSetupDlgW
GetSaveFileNameA
GetSaveFileNameW
ChooseColorA
FindTextW
PageSetupDlgA
GetFileTitleA
LoadAlterBitmap
GetOpenFileNameW
ReplaceTextW

wininet

InternetGetCertByURL
GopherFindFirstFileA
HttpCheckDavCompliance
FreeUrlCacheSpaceW
LoadUrlCacheContent
InternetUnlockRequestFile
SetUrlCacheEntryInfoA
InternetQueryOptionW
HttpQueryInfoA

gdi32

UpdateICMRegKeyA
SetArcDirection
GetLogColorSpaceW
EndDoc

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c6ce4f47b4c160905740f55e647696

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

gdi32

Sections

.text Size: 183KB - Virtual size: 183KB

.data Size: 276KB - Virtual size: 276KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 183KB - Virtual size: 183KB

.data
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 5KB - Virtual size: 5KB