2f76839eb6172b42ad2c3f3a3b2cbe03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f76839eb6172b42ad2c3f3a3b2cbe03_JaffaCakes118
Size

140KB
MD5

2f76839eb6172b42ad2c3f3a3b2cbe03
SHA1

2bd0be2b4b82ff2d35b72d47b70df328267515bd
SHA256

9679cc0819481c0f6f5ec3d2651ee94beb29083dcb55b0d59f7e4c27d807ca12
SHA512

beacf470183cf5774b9669b0662c5979fa547b421ee46c1fb1b5d63072f36b83dc101713b1ac0c401859c2777b047beaa4ecab4b53b12b4d1a7a72f71513c90b
SSDEEP

1536:Z9TwTlwsmybjCyfj+HoEXZv/HFQid3bcErJeU1lmOIAWR2kzd4lHilqefe:ZwdmAKvlQOwWeX1hR20d4lHaXfe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f76839eb6172b42ad2c3f3a3b2cbe03_JaffaCakes118

Files

2f76839eb6172b42ad2c3f3a3b2cbe03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de646369a190ff1e3327c5b9ff345e48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetPrivateProfileSectionA
SetEndOfFile
UnmapViewOfFile
VirtualFree
SetFilePointer
GetProcAddress
LoadLibraryA
GetModuleHandleA
InterlockedDecrement
CloseHandle
OpenMutexA
GetVolumeInformationA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetLastError
CreateMutexA
WaitForSingleObject
CreateProcessA
GetACP
GetTickCount
WriteFile
CreateFileA
DeleteFileA
SetFileAttributesA
ReadFile
DeviceIoControl
GetModuleFileNameA
GetSystemTimeAsFileTime
lstrlenA
InterlockedIncrement
GetLocaleInfoW
GetFileSize
InterlockedExchange
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
EnterCriticalSection
LeaveCriticalSection
HeapFree
RtlUnwind
GetFileAttributesA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapAlloc
VirtualQuery
HeapDestroy
HeapCreate
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
FlushFileBuffers
GetOEMCP
GetCPInfo
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
SetStdHandle
MultiByteToWideChar
VirtualProtect
GetSystemInfo

gdi32

GetTextCharsetInfo

wininet

HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenUrlA
DeleteUrlCacheEntry
InternetReadFile
InternetOpenA

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de646369a190ff1e3327c5b9ff345e48

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 28KB - Virtual size: 24KB