321f08d076a65feaee5236ff7f4cd907_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

321f08d076a65feaee5236ff7f4cd907_JaffaCakes118
Size

434KB
MD5

321f08d076a65feaee5236ff7f4cd907
SHA1

965ee3794757d77eeb61ec582a68243aaf4fbec2
SHA256

6441dcce4ca4e987b2864c1c55e12a258620c46bd97abf6bbda93e02ab2a38a2
SHA512

e5772e82b18b20e16e29de2123c28ddcceac5032cd0f8cb065566e38a38b9bf82a60ce7ee4ca2ccbce6f0ad8ebcc0a01a5070ec6a3a8f22f5bba1fb5ec278a69
SSDEEP

12288:IUgLegMdOWD9sA6I/bjn6AHuLbacMCdxJC:IUgLegMkWD9h6IfduOkdS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
321f08d076a65feaee5236ff7f4cd907_JaffaCakes118

Files

321f08d076a65feaee5236ff7f4cd907_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fe48137711b2b45e77671cd83caf423

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetConfirmZoneCrossingW
GetUrlCacheGroupAttributeA
IsUrlCacheEntryExpiredW
FtpCommandW
InternetWriteFileExA

comdlg32

PrintDlgA

kernel32

ExitProcess
TlsSetValue
IsValidLocale
LeaveCriticalSection
GetCurrentProcess
HeapDestroy
GetProcessHeap
VirtualQuery
GetTimeFormatA
GetDateFormatA
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStringTypeA
TlsGetValue
GetModuleHandleA
GetFileType
VirtualAlloc
EnumCalendarInfoExW
GetCurrentThread
TlsFree
CompareStringW
GetTickCount
LoadLibraryA
GetStringTypeW
SetHandleCount
WriteFile
GetLocaleInfoA
GetLastError
DeleteCriticalSection
GetSystemTimeAsFileTime
VirtualFree
GetCommandLineA
SetConsoleCtrlHandler
LCMapStringA
FreeEnvironmentStringsA
HeapReAlloc
InterlockedIncrement
InterlockedExchange
FreeEnvironmentStringsW
TlsAlloc
SetEnvironmentVariableA
GetCurrentProcessId
GetOEMCP
GetCurrentThreadId
CompareStringA
GetCPInfo
HeapSize
QueryPerformanceCounter
GetStartupInfoA
ReadConsoleOutputA
IsValidCodePage
MultiByteToWideChar
InterlockedDecrement
HeapCreate
GetVersionExA
GetEnvironmentStrings
InitializeCriticalSection
CreateSemaphoreA
GetUserDefaultLCID
EnumSystemLocalesA
GetACP
GetEnvironmentStringsW
LCMapStringW
RtlUnwind
LocalFlags
SetLastError
GetLocaleInfoW
FreeLibrary
HeapFree
GetProcAddress
Sleep
HeapAlloc
EnterCriticalSection
GetTimeZoneInformation
TerminateProcess
DeleteAtom
UnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
WideCharToMultiByte

advapi32

LookupAccountSidA
RegCreateKeyW
RegSetValueExA
RegCreateKeyExW
RegCloseKey
LookupPrivilegeNameW
AbortSystemShutdownW
CryptGenRandom
CryptContextAddRef
RegQueryValueW
RegEnumKeyW
CreateServiceA
RegQueryValueExW
RegQueryValueA
RegLoadKeyA
CryptVerifySignatureA
CryptSetKeyParam

gdi32

CreateRectRgn
GetLogColorSpaceW
EnumICMProfilesA
GetTextFaceA
GetDIBits
StretchBlt
PolyDraw
SetBkMode
GetWinMetaFileBits
SetSystemPaletteUse
GetLayout
GetViewportOrgEx
SetWinMetaFileBits
GetEnhMetaFileA
CreateEnhMetaFileW
GetWindowOrgEx
PlayEnhMetaFileRecord
CreateHatchBrush
GetEnhMetaFileBits
SetEnhMetaFileBits
PolyTextOutW
GetCharABCWidthsFloatW

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fe48137711b2b45e77671cd83caf423

Headers

File Characteristics

Imports

wininet

comdlg32

kernel32

advapi32

gdi32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 6KB - Virtual size: 5KB