2af1ac4348a46c77185434bb9b1607e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2af1ac4348a46c77185434bb9b1607e7_JaffaCakes118
Size

448KB
MD5

2af1ac4348a46c77185434bb9b1607e7
SHA1

c94d464f2e8e04d11d49e7c95e1fd00a24842ae7
SHA256

dc17412785c511679c413097cc86c35e6ef21ce96461145150233db9ee5d38e2
SHA512

48299eb59c9edff43371c12a03747426810eca4f0c96b4d93374f20d903a550241c53525f94b5656f5f208f399c5fc3e13c63617555708d60f3dfac89b986489
SSDEEP

12288:0+a1D3+9No9ItRPNQPyB9K1d5vfpA6tm4iZF:CQNXRePgKbu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af1ac4348a46c77185434bb9b1607e7_JaffaCakes118

Files

2af1ac4348a46c77185434bb9b1607e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

796e8d5d155dbd9b6205f98861dade82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpEndRequestA
InternetCloseHandle
InternetTimeToSystemTimeW
InternetOpenUrlW
InternetSetDialState
FindFirstUrlCacheContainerW
InternetReadFileExA

kernel32

IsValidLocale
DeleteCriticalSection
FlushFileBuffers
CompareFileTime
SetLastError
SetHandleCount
SetEnvironmentVariableA
GetStringTypeA
InterlockedIncrement
GetLocaleInfoA
IsDebuggerPresent
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
TlsFree
WideCharToMultiByte
CompareStringA
GetEnvironmentStringsW
ExitProcess
GetDateFormatA
WriteFile
RaiseException
InterlockedDecrement
RtlUnwind
SetConsoleCtrlHandler
LCMapStringA
InterlockedExchange
SetVolumeLabelW
LocalFree
FreeLibrary
IsValidCodePage
GetLastError
TerminateProcess
VirtualFree
MultiByteToWideChar
FreeEnvironmentStringsA
GetTimeZoneInformation
SetCurrentDirectoryA
GetCPInfo
FormatMessageW
GetUserDefaultLCID
GetModuleFileNameA
HeapReAlloc
GetCurrentProcess
QueryPerformanceCounter
CompareStringW
GetOEMCP
VirtualAlloc
GetEnvironmentStrings
GetFileType
LCMapStringW
GetCurrentThread
EnterCriticalSection
TlsAlloc
GetEnvironmentStringsA
Sleep
GetStartupInfoA
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
LoadLibraryA
TlsSetValue
GetPrivateProfileSectionNamesW
GetProcessHeap
GetTickCount
HeapDestroy
HeapAlloc
GetVersionExA
GetStringTypeW
GetProfileIntA
ReadConsoleInputA
GetCurrentThreadId
GetLocaleInfoW
HeapCreate
VirtualQueryEx
HeapSize
GetSystemTimeAsFileTime
EnumSystemLocalesA
LoadLibraryW
RemoveDirectoryW
GetTimeFormatA
FreeEnvironmentStringsW
GlobalAddAtomW
GetStartupInfoW
lstrlen
GetACP
UnhandledExceptionFilter
GetCommandLineA
SetUnhandledExceptionFilter
VirtualQuery
HeapFree
GetStdHandle

gdi32

DeviceCapabilitiesExA
CopyMetaFileW
ColorCorrectPalette
ResizePalette
GetGlyphOutline
RestoreDC
CreateRectRgnIndirect
DeleteDC

comdlg32

GetOpenFileNameW

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

796e8d5d155dbd9b6205f98861dade82

Headers

File Characteristics

Imports

wininet

kernel32

gdi32

comdlg32

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 8KB - Virtual size: 33KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 8KB - Virtual size: 33KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 9KB - Virtual size: 8KB