2510753be649410d3585ef09b336f021_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2510753be649410d3585ef09b336f021_JaffaCakes118
Size

732KB
MD5

2510753be649410d3585ef09b336f021
SHA1

a37f1f0ef8a6dd58e18d7b201193b2e4836f0735
SHA256

d455664e941c2eb6a11ff186b5bc041400c7364a9574f890be773d08a45b9d9f
SHA512

40ca0775ae61949d59d8bf0d52a17677b586cdb00c1b397a6b1980f4fe847290a03013e1524cfe763e986410595b90876e6398fc1fd3bec35657f4f504833069
SSDEEP

12288:sLpGhlE6xyZ1JKLP0m+Yy/vkPFHSIhWz6t/llvIaXMac5x804mATkLJ8/8VWzc9:ZrPx8KLPhivkfWz6+aXMaWx804x4XVWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2510753be649410d3585ef09b336f021_JaffaCakes118

Files

2510753be649410d3585ef09b336f021_JaffaCakes118
.exe windows:4 windows x86 arch:x86

563c9c5e97d55f1addb627ad1e193cac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryGroupW

comctl32

ImageList_GetDragImage
ImageList_SetDragCursorImage
ImageList_DragMove
InitCommonControlsEx
ImageList_Replace
ImageList_SetImageCount
ImageList_Read

kernel32

GetCurrentProcessId
GlobalUnfix
IsValidLocale
FreeEnvironmentStringsA
GetCommandLineA
GetProcessHeap
LeaveCriticalSection
CreateMailslotW
VirtualUnlock
LoadLibraryA
GetShortPathNameW
GetEnvironmentStringsW
VirtualAlloc
ExitProcess
GetStdHandle
Sleep
RtlUnwind
GetTimeFormatA
TlsSetValue
GetTickCount
DeleteFileW
EnumTimeFormatsW
IsDebuggerPresent
SetFilePointer
GetSystemTimeAsFileTime
TlsAlloc
InterlockedDecrement
GetEnvironmentStrings
CreateMutexA
HeapFree
IsValidCodePage
CreateFileA
GetCurrentThreadId
HeapCreate
HeapAlloc
GetDateFormatA
GetProcAddress
GetOEMCP
GetACP
HeapDestroy
SetConsoleCtrlHandler
LCMapStringA
SetStdHandle
VirtualQuery
FindClose
OpenMutexA
GetProfileStringW
EnterCriticalSection
GetModuleFileNameA
lstrlenW
WriteFile
WaitForMultipleObjects
GetCPInfo
SetHandleCount
GetCurrentThread
HeapReAlloc
GetConsoleCP
RemoveDirectoryW
GetPrivateProfileSectionA
CompareStringA
GetStringTypeW
QueryPerformanceCounter
TlsFree
GetUserDefaultLCID
FindFirstFileExA
UnhandledExceptionFilter
GetConsoleOutputCP
GetStartupInfoA
LCMapStringW
GetTimeZoneInformation
WriteConsoleW
FlushFileBuffers
SetEnvironmentVariableA
DeleteCriticalSection
CloseHandle
GetLocaleInfoA
WriteConsoleA
WideCharToMultiByte
ReadFile
HeapSize
InterlockedIncrement
GetFileTime
GetVersionExA
GetCurrentProcess
GetLastError
GetFileType
FlushViewOfFile
GetConsoleMode
InterlockedExchange
InitializeCriticalSection
GetLocaleInfoW
VirtualFree
TlsGetValue
GetStringTypeA
SetUnhandledExceptionFilter
MultiByteToWideChar
TerminateProcess
FreeEnvironmentStringsW
GetModuleHandleA
CompareStringW
FreeLibrary
EnumSystemLocalesA
GetFullPathNameW
SetLastError

user32

SetThreadDesktop
PtInRect
GetClassLongW
DdePostAdvise
DdeSetUserHandle
CharUpperW
LoadBitmapW
ShowWindow
SetDeskWallpaper
GetClipboardOwner
RegisterClassExA
AnimateWindow
UpdateWindow
CreateWindowStationA
WINNLSGetEnableStatus
GetUserObjectInformationW
EnumDisplaySettingsW
CloseClipboard
EnableWindow
GetTabbedTextExtentA
DefWindowProcA
DdeQueryNextServer
CreateMDIWindowW
GetWindowTextA
GetWindowModuleFileNameW
RegisterClassA
DdeDisconnect
CreateAcceleratorTableW
GetSysColorBrush
LoadAcceleratorsA
DrawIconEx
IsCharAlphaW
CreateWindowExA
GetListBoxInfo
OpenInputDesktop
GetKeyboardLayoutNameA
MessageBoxW
DestroyWindow
GetWindowLongW
CharNextW
InSendMessage
DefMDIChildProcW
DestroyMenu
ReplyMessage
RegisterWindowMessageW
DefFrameProcW
DrawAnimatedRects

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

563c9c5e97d55f1addb627ad1e193cac

Headers

File Characteristics

Imports

wininet

comctl32

kernel32

user32

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 396KB - Virtual size: 392KB

.data Size: 140KB - Virtual size: 165KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 396KB - Virtual size: 392KB

.data
Size: 140KB - Virtual size: 165KB

.rsrc
Size: 20KB - Virtual size: 17KB