Static task: static1
Behavioral task: behavioral1
Sample: 33cc10622520c88d4771fef85f175a38_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 33cc10622520c88d4771fef85f175a38_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 33cc10622520c88d4771fef85f175a38_JaffaCakes118
Size: 505KB
MD5: 33cc10622520c88d4771fef85f175a38
SHA1: 1e8982449cc17e6a46e6898166533398acb29a31
SHA256: f32660e86d51ef530bf584550f261ce9042f07819c369a41131653cb3435fa71
SHA512: 469396fcac8e3af1d4085dcfd50e44a94e5dae41b0f3082d6d616f7b4b709190d79bf272648ef8c577884ab015dce0f6da69c8d7c7ca9002fd4e6d372dc686c2
SSDEEP: 6144:dg06LKG1CCRc1FfqNKFCSjM5mIo3Prj1vNa8Ln1zysvdT+YLlUZDpybeHoCxh:dggsOkQ45mIofrpvN7Vn5UZt2qx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 33cc10622520c88d4771fef85f175a38_JaffaCakes118
Files
33cc10622520c88d4771fef85f175a38_JaffaCakes118.exe windows:4 windows x86 arch:x86
5e20cbd68d79957809a2d863e39944c4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFilePointer
GetStringTypeA
DeleteCriticalSection
LoadLibraryA
GetCurrentThreadId
LCMapStringW
LeaveCriticalSection
VirtualQuery
CloseHandle
WritePrivateProfileSectionW
GetStartupInfoA
SetHandleCount
UnhandledExceptionFilter
EnumSystemLocalesA
RtlUnwind
VirtualAlloc
GetStringTypeW
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
GetOEMCP
ExitProcess
GetEnvironmentStringsW
HeapCreate
IsValidLocale
ReadFile
SetStdHandle
GetSystemDefaultLCID
SetLastError
IsBadWritePtr
TlsGetValue
GetLocaleInfoW
VirtualProtect
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
EnterCriticalSection
CreateEventA
GetTickCount
GetPrivateProfileIntA
SetEnvironmentVariableA
HeapFree
CompareStringA
VirtualUnlock
lstrcpynW
GetTimeFormatA
EnumDateFormatsExW
CompareStringW
FileTimeToDosDateTime
GetModuleHandleA
CreateMutexA
FreeEnvironmentStringsW
WideCharToMultiByte
OpenFile
GetLastError
VirtualFree
RtlMoveMemory
GetEnvironmentStrings
GetACP
WriteFile
HeapReAlloc
GetCurrentProcessId
GetDateFormatA
HeapSize
TlsSetValue
GetCommandLineA
LCMapStringA
GetVersionExA
MultiByteToWideChar
GetProcAddress
IsValidCodePage
InterlockedExchange
HeapDestroy
HeapAlloc
FreeEnvironmentStringsA
GetStdHandle
GetFileType
GetCurrentThread
TlsAlloc
FlushFileBuffers
GetSystemTimeAsFileTime
GetSystemInfo
OpenMutexA
TlsFree
QueryPerformanceCounter
GetTimeZoneInformation
FindFirstFileA
InitializeCriticalSection
wininet
FtpSetCurrentDirectoryW
InternetSetFilePointer
InternetWriteFileExW
InternetShowSecurityInfoByURLA
HttpEndRequestA
GetUrlCacheHeaderData
GopherGetLocatorTypeA
FtpPutFileEx
InternetConfirmZoneCrossingW
user32
GetKeyboardLayoutNameW
RegisterClassA
CreateDialogParamA
RegisterClassExA
CreateAcceleratorTableA
WINNLSGetEnableStatus
comctl32
InitCommonControlsEx
advapi32
LookupAccountNameW
RegEnumKeyW
Sections
.text Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 313KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ