353cd525c1797c63e0b59ae4d4634609_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

353cd525c1797c63e0b59ae4d4634609_JaffaCakes118
Size

414KB
MD5

353cd525c1797c63e0b59ae4d4634609
SHA1

5bfcf0bdd80b4e07668680119d795fbdbc20dfc8
SHA256

ab624b406af13e236ea6cb9d6fe953ae0a63bfa7e08b65dacd8c11b9effeb9d7
SHA512

4d5b3598782e53e3302cb611a689ddb0a7c6a276a2e4363d9dc1965dd0290f726027704a767e1a6e8cfe81bab6b1eb180e75e47b1406de1ab5f69e9cb0cdb5a3
SSDEEP

6144:/1hf7cgINKciD+aTL4JIi3zCFYOOOgW8rNeFW7OxPkbJpZE+jlDSPr5T0lYCb4j2:9xMJzr7OwrNeFc4c72+jdG0XUjE3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
353cd525c1797c63e0b59ae4d4634609_JaffaCakes118

Files

353cd525c1797c63e0b59ae4d4634609_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46df2963a198016fc9f30268a66d28d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
HeapSize
InterlockedDecrement
SetLastError
GetProcAddress
InterlockedIncrement
HeapReAlloc
Sleep
DeleteCriticalSection
GetStartupInfoW
GetCurrentProcessId
TlsFree
GetCurrencyFormatW
GetEnvironmentStringsW
TlsGetValue
WriteFile
IsDebuggerPresent
UnlockFile
TlsSetValue
LeaveCriticalSection
GetLocaleInfoA
VirtualFree
EnumSystemLocalesA
GetTimeZoneInformation
IsValidLocale
ReadConsoleOutputCharacterA
GetOEMCP
GetTempPathW
SetVolumeLabelW
ExitProcess
GetTickCount
ReadConsoleOutputAttribute
TlsAlloc
HeapFree
GetCPInfo
GetModuleFileNameA
GetStringTypeW
LoadLibraryA
QueryPerformanceCounter
GetACP
VirtualAlloc
SetConsoleTextAttribute
EnterCriticalSection
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineW
GetFileType
GetModuleFileNameW
SetConsoleCtrlHandler
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThread
WaitNamedPipeW
ReadConsoleOutputCharacterW
GetDateFormatA
GetLastError
GetCompressedFileSizeA
SetHandleCount
LCMapStringA
GetTimeFormatA
GetNamedPipeInfo
GetLocaleInfoW
SetEnvironmentVariableA
CreateMailslotW
HeapDestroy
SetUnhandledExceptionFilter
GetModuleHandleW
LocalFlags
InterlockedExchange
GetStdHandle
GetStartupInfoA
FreeLibrary
LCMapStringW
CompareStringW
CompareStringA
IsValidCodePage
HeapCreate
HeapAlloc
MultiByteToWideChar
GlobalGetAtomNameW
GlobalCompact
GetUserDefaultLCID
VirtualQuery
GetModuleHandleA

wininet

HttpEndRequestA
SetUrlCacheConfigInfoW
InternetFindNextFileW
SetUrlCacheHeaderData
InternetConnectW
FreeUrlCacheSpaceW
FtpOpenFileA
ShowX509EncodedCertificate
InternetReadFile
InternetInitializeAutoProxyDll
InternetQueryOptionW
SetUrlCacheEntryGroupW
InternetSetDialStateW
InternetSecurityProtocolToStringW
FindFirstUrlCacheContainerA
FtpGetFileSize
FtpGetFileW
FtpPutFileW
RetrieveUrlCacheEntryFileW

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46df2963a198016fc9f30268a66d28d9

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 132KB - Virtual size: 131KB

.data Size: 275KB - Virtual size: 287KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 132KB - Virtual size: 131KB

.data
Size: 275KB - Virtual size: 287KB

.rsrc
Size: 6KB - Virtual size: 6KB