262ab974e05281b05ee8f1786ef1eb9b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

262ab974e05281b05ee8f1786ef1eb9b_JaffaCakes118
Size

435KB
MD5

262ab974e05281b05ee8f1786ef1eb9b
SHA1

4cd124db4400308b4ab368337104a50d64a872a0
SHA256

fcf6676227afc895eb0f097d4b1835273f885dd3319858dbf71e857577a890e4
SHA512

c334f722ca7cf4e6c2f15afbcce1526ad89023893b71bdd9a88ed021f8d485b78c7e82b8aa8d6e6848a8ea60311fbe4105736a8b645551e8775b4ac7bb1bcd4f
SSDEEP

12288:yQA+AGc+f+orDvGAUoZaHVSTC70Z9BU7SumZXO:K+GGzwVSTC7Y9BQlmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262ab974e05281b05ee8f1786ef1eb9b_JaffaCakes118

Files

262ab974e05281b05ee8f1786ef1eb9b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2de67a0feda177761bcefdaec7a5896

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpOpenFileA
DetectAutoProxyUrl
SetUrlCacheGroupAttributeW
InternetConfirmZoneCrossingW
DeleteUrlCacheEntryW
SetUrlCacheHeaderData
InternetSetDialStateW
FindFirstUrlCacheContainerA
GopherGetLocatorTypeW
InternetGetLastResponseInfoA
InternetCreateUrlA
CreateUrlCacheContainerW

gdi32

RealizePalette
Escape
PlayEnhMetaFile
SetWindowOrgEx
SetBoundsRect
PolyBezierTo
SetTextColor
GetGlyphOutline
Ellipse
ExtTextOutW
CombineTransform
GetFontData
AngleArc
PtVisible
SetICMProfileW
InvertRgn
PlayMetaFileRecord
GetLogColorSpaceA
GetDIBColorTable
GetDIBits
CreateColorSpaceA
ColorMatchToTarget
PolyBezier
CreateDiscardableBitmap
FillRgn

comdlg32

ChooseFontA
ChooseColorA
PrintDlgA
ChooseColorW
FindTextW
GetOpenFileNameW
PrintDlgW
ReplaceTextA
LoadAlterBitmap

advapi32

CryptGenKey
RegQueryMultipleValuesA
LogonUserW
CryptSignHashA
RegQueryValueA
LookupPrivilegeValueA
CreateServiceW
CryptGetDefaultProviderA
InitiateSystemShutdownA
AbortSystemShutdownW
CryptSignHashW
RegSetValueW
CryptDuplicateKey
RegLoadKeyW

kernel32

HeapAlloc
VirtualAlloc
HeapFree
TlsSetValue
IsValidLocale
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
TlsGetValue
Sleep
GetStdHandle
InterlockedDecrement
GetCurrentThreadId
GetLastError
RtlUnwind
LCMapStringA
LeaveCriticalSection
WriteFile
MultiByteToWideChar
GetCurrentProcess
GetDateFormatA
HeapReAlloc
SetConsoleCtrlHandler
InterlockedExchange
GetEnvironmentStringsW
LCMapStringW
OpenMutexA
CopyFileA
TlsFree
VirtualFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
GetCommandLineW
UnlockFileEx
GetACP
TerminateProcess
GetSystemTimeAsFileTime
GetCPInfo
DeleteCriticalSection
TlsAlloc
HeapSize
FreeEnvironmentStringsW
GetModuleFileNameW
HeapDestroy
GetCurrentThread
GetModuleHandleA
GetStartupInfoW
GetCalendarInfoA
GetUserDefaultLCID
InterlockedIncrement
GetStringTypeW
GetFileAttributesA
GetProcAddress
GetFileType
GetModuleFileNameA
HeapCreate
SetLastError
SetEnvironmentVariableA
GetLocaleInfoA
ExitProcess
IsValidCodePage
IsDebuggerPresent
EnumSystemLocalesA
LoadLibraryA
GetTimeFormatA
SetHandleCount
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
CompareStringW
GetTickCount
GetModuleHandleW
GetTimeZoneInformation
EnterCriticalSection
CompareStringA
GetOEMCP
GetStartupInfoA
VirtualQuery
WideCharToMultiByte

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2de67a0feda177761bcefdaec7a5896

Headers

File Characteristics

Imports

wininet

gdi32

comdlg32

advapi32

kernel32

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 13KB - Virtual size: 12KB