2b02715ecd7727a34b94ed76445aeaa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b02715ecd7727a34b94ed76445aeaa2_JaffaCakes118
Size

260KB
MD5

2b02715ecd7727a34b94ed76445aeaa2
SHA1

59059d3fcd499dbc031aca216f852115dbd162fb
SHA256

ce841b5a71a674341951ca930be13a48eec732a22acd0303811fb8a6e34ef4e2
SHA512

b8834dd085fc538d1f036c9948c31cccad18c0471c43322bea925c6c5b80883bb203210903b82ca2731357fe1ad127c2920a8270b82eb78aaa2f1d60cf496cfa
SSDEEP

6144:bg66d6TDRNiHfGtz5bHAv56fGf5dLMF7I3irGOX7V+g4f6CJkfhr:bg6s6TLiHQl24uSEzOXpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b02715ecd7727a34b94ed76445aeaa2_JaffaCakes118

Files

2b02715ecd7727a34b94ed76445aeaa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5ea7bf56f7a6b80a1c3448bc2a2f7af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LockResource
HeapSize
EnumResourceTypesW
RtlUnwind
GetProcessHeap
GetThreadLocale
GetCurrentProcess
GetLastError
VirtualAlloc
InterlockedIncrement
HeapCreate
HeapReAlloc
GetDateFormatA
GetCurrencyFormatW
GetCurrentThread
EnumSystemLocalesA
InterlockedDecrement
GetModuleFileNameA
FreeEnvironmentStringsW
GetOEMCP
WriteFile
GetCPInfo
GetModuleFileNameW
VirtualFree
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetLocaleInfoA
EnterCriticalSection
GetTimeFormatA
QueryPerformanceCounter
SetLastError
LCMapStringA
ConvertDefaultLocale
IsValidLocale
SetEnvironmentVariableA
DeleteCriticalSection
HeapAlloc
GetEnvironmentStringsW
HeapFree
WriteConsoleOutputCharacterA
TlsSetValue
GetCurrentProcessId
GlobalAlloc
GetStartupInfoA
UnhandledExceptionFilter
MultiByteToWideChar
GetStringTypeW
CompareStringW
GetCommandLineA
GetStartupInfoW
FreeEnvironmentStringsA
TlsAlloc
LCMapStringW
GetProcessShutdownParameters
LeaveCriticalSection
TlsGetValue
TlsFree
Sleep
MapViewOfFile
SetLocaleInfoA
IsValidCodePage
WideCharToMultiByte
WaitCommEvent
CompareStringA
GetStringTypeA
GetProcAddress
GetCommandLineW
GetEnvironmentStrings
GetThreadPriorityBoost
HeapDestroy
InterlockedExchange
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetFileType
VirtualQuery
SetHandleCount
SetConsoleCtrlHandler
SetComputerNameW
InitializeCriticalSection
GetCurrentThreadId
GetUserDefaultLCID
FlushInstructionCache
TerminateProcess
GetACP
GetVersionExA
FileTimeToDosDateTime
GetModuleHandleA
IsDebuggerPresent
GetLocaleInfoW
GetStdHandle
OutputDebugStringW
ExitProcess

gdi32

CloseFigure
PlayEnhMetaFileRecord
CreateICA
GetTextExtentExPointW
EqualRgn
GetKerningPairsA
PlgBlt
GetMiterLimit
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
CreateDCA
SelectObject

wininet

InternetAttemptConnect
HttpAddRequestHeadersA
InternetTimeFromSystemTime
HttpQueryInfoA
FtpPutFileA
InternetAlgIdToStringA
InternetReadFileExA
InternetErrorDlg
ShowClientAuthCerts
IncrementUrlCacheHeaderData
InternetTimeToSystemTime
CreateUrlCacheContainerA
HttpSendRequestExA
FtpPutFileW
SetUrlCacheEntryGroupA
IsUrlCacheEntryExpiredA
DeleteUrlCacheEntryA
FindCloseUrlCache

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5ea7bf56f7a6b80a1c3448bc2a2f7af

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

Sections

.text Size: 106KB - Virtual size: 106KB

.data Size: 138KB - Virtual size: 163KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 106KB - Virtual size: 106KB

.data
Size: 138KB - Virtual size: 163KB

.rsrc
Size: 15KB - Virtual size: 14KB