Static task
static1
Behavioral task
behavioral1
Sample
24fdc76dbeeaf58eb0ef9a39310b33ea_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
24fdc76dbeeaf58eb0ef9a39310b33ea_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
24fdc76dbeeaf58eb0ef9a39310b33ea_JaffaCakes118
Size
338KB
MD5
24fdc76dbeeaf58eb0ef9a39310b33ea
SHA1
cbe1203f58611a840159af2a8ef7ffe50c55606a
SHA256
821c71fbbd092d3b758673c22d3105fc193db7e456bea2685a63edbb90a3c8f4
SHA512
3a3129b540193bb387c727f5a995e57e978c67d951f183b363762c6d1a8f6218202423df8092c1e28459d63eed5aacf0ebf8ce6bb345c319623618995ccdbec0
SSDEEP
6144:92knF4anRLJOMueRL41HpkUzBYVfHb6qqjF1amADRSvVNOFXo2wU79wLx3td5od5:1aBy22PhHJC1a/DwNOpoXLx3tMfjY0XJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 24fdc76dbeeaf58eb0ef9a39310b33ea_JaffaCakes118
Files
24fdc76dbeeaf58eb0ef9a39310b33ea_JaffaCakes118.exe windows:4 windows x86 arch:x86
9a0cb9bccd514cf494751ce7294d3a76
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
IsUrlCacheEntryExpiredA
InternetGetLastResponseInfoA
FtpPutFileEx
InternetWriteFileExA
UnlockUrlCacheEntryStream
InternetCrackUrlW
comctl32
InitCommonControlsEx
gdi32
SetROP2
SetBitmapDimensionEx
PlayMetaFile
PathToRegion
GetDCOrgEx
GdiFlush
GetBkColor
SetStretchBltMode
CancelDC
CopyMetaFileW
StartDocW
comdlg32
FindTextA
PageSetupDlgA
shell32
SHChangeNotify
SHFreeNameMappings
SheGetDirA
user32
LoadMenuA
GetMenuStringW
MapVirtualKeyW
GetWindowWord
SwitchDesktop
EnumWindowStationsW
SetDlgItemTextA
EnumClipboardFormats
ShowCursor
IsDlgButtonChecked
NotifyWinEvent
CopyImage
RegisterClassExA
IsClipboardFormatAvailable
CreateAcceleratorTableA
EmptyClipboard
RegisterClassA
kernel32
FlushFileBuffers
GetFileType
CompareStringA
GetCurrentProcessId
GetTickCount
ReadConsoleA
GetCurrentDirectoryA
LeaveCriticalSection
FreeEnvironmentStringsW
IsBadWritePtr
GetModuleHandleA
EnterCriticalSection
OpenMutexA
GetOEMCP
DeleteCriticalSection
InitializeCriticalSection
lstrcpy
GetCompressedFileSizeW
UnhandledExceptionFilter
SetFilePointer
GetCurrentProcess
TlsFree
CloseHandle
VirtualAlloc
HeapAlloc
TlsSetValue
WritePrivateProfileStructA
GetSystemTime
MultiByteToWideChar
LCMapStringW
RtlUnwind
ResetEvent
ReadFile
GetStringTypeW
FindNextFileA
HeapReAlloc
WriteFile
GetCurrentThread
GetModuleFileNameA
GetCPInfo
GetACP
GetVersion
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
LCMapStringA
CompareStringW
GetLastError
GetFileTime
InterlockedExchange
lstrlenA
TlsGetValue
GetPrivateProfileSectionW
GetTempFileNameA
GetCurrentThreadId
SetEnvironmentVariableA
TlsAlloc
QueryPerformanceCounter
GetThreadContext
LoadLibraryA
GetTimeZoneInformation
TerminateProcess
CreateMutexA
GetStdHandle
FreeEnvironmentStringsA
SetLastError
VirtualFree
WideCharToMultiByte
HeapCreate
SetStdHandle
SetHandleCount
GetEnvironmentStringsW
ExitProcess
GetProcAddress
InterlockedIncrement
GetEnvironmentStrings
GetLocalTime
DebugBreak
HeapDestroy
InterlockedDecrement
HeapFree
VirtualQuery
GetStringTypeA
GetSystemDirectoryA
Sections
.text Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 205KB - Virtual size: 205KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ