3633f30a07a76614981ae7fb09ecfdd4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3633f30a07a76614981ae7fb09ecfdd4_JaffaCakes118
Size

522KB
MD5

3633f30a07a76614981ae7fb09ecfdd4
SHA1

62a362355af68536d58aa9af1baa6659dd2ee902
SHA256

e41f6edd66d213fca8c37ca4cff8dd57562f504a127a896e6dc58b395dfc75fa
SHA512

708067bbb7c88a0ce7b2f676f05a216640e201239acd67f1c60209425649391b5df1b3dc4c77bb5dcb2adb73c3d5a9d9121c57a1ec509525a711988cb91f605a
SSDEEP

12288:xbVNku4CxAa40z4EpwsRnFZgrsjaWNwx4FGfgsmG6/8p9wiZx7szcigB:B/ku4IAa40z4EesRnFZgrNxhmg4i7szc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3633f30a07a76614981ae7fb09ecfdd4_JaffaCakes118

Files

3633f30a07a76614981ae7fb09ecfdd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dba1ed15cd8be3b1d3059f38f4363d3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpPutFileEx

user32

GetWindowRgn
RegisterClassA
RegisterClassExA
KillTimer
CharUpperBuffW

shell32

ShellExecuteExW
SHFileOperation
SHGetFileInfoW
RealShellExecuteExA
RealShellExecuteW

gdi32

StartDocW
CreateEnhMetaFileA
CreateHatchBrush
FrameRgn
CreateDIBPatternBrushPt
EnumICMProfilesA
CopyEnhMetaFileW
PolyDraw
AddFontResourceW
CreateScalableFontResourceA
DeleteDC
OffsetRgn
SetTextCharacterExtra
SetFontEnumeration
GetDeviceCaps
OffsetClipRgn
GetObjectType
GetMetaFileW
SetLayout
GetTextFaceA
GetWindowExtEx
UpdateICMRegKeyA
GetEnhMetaFileW

comctl32

InitCommonControlsEx

advapi32

CryptDeriveKey
DuplicateToken
CryptAcquireContextA
CryptDestroyKey
CryptGetDefaultProviderA
InitiateSystemShutdownA
CryptGetHashParam
RegRestoreKeyW
RegLoadKeyW
ReportEventW
LookupSecurityDescriptorPartsW
AbortSystemShutdownW
CryptEnumProviderTypesW
RegSetValueExW
RegConnectRegistryA

kernel32

TlsSetValue
SetConsoleCtrlHandler
CreateEventW
GetModuleFileNameA
GetUserDefaultLCID
WideCharToMultiByte
ReadFile
InterlockedIncrement
GetModuleHandleW
GetConsoleMode
GetCommandLineA
GetLastError
LCMapStringW
LockResource
VirtualQuery
CreateSemaphoreA
GetOEMCP
ReadConsoleOutputCharacterW
HeapReAlloc
GetTimeZoneInformation
GetStdHandle
GetDateFormatA
HeapFree
SetFilePointer
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetConsoleOutputCP
LoadLibraryA
SetVolumeLabelA
GetConsoleCP
TlsAlloc
WriteFile
IsDebuggerPresent
GetStartupInfoA
WriteConsoleA
CompareStringW
GetFileType
HeapAlloc
GetCurrentProcessId
HeapDestroy
TlsGetValue
GetStringTypeW
EnumSystemLocalesA
GetLocaleInfoA
GetProfileSectionA
LCMapStringA
GetLocaleInfoW
TlsFree
IsValidCodePage
GetCurrentThread
QueryPerformanceCounter
HeapSize
GetTimeFormatA
GetSystemTimeAsFileTime
WriteConsoleW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidLocale
CompareStringA
CreateMutexA
lstrcatA
VirtualAlloc
GlobalReAlloc
GetCurrentProcess
InterlockedDecrement
CloseHandle
ExitProcess
UnhandledExceptionFilter
VirtualFree
GetCPInfo
EnumDateFormatsExA
HeapCreate
FreeLibrary
SetUnhandledExceptionFilter
EnterCriticalSection
OpenMutexA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemInfo
FlushFileBuffers
GetProcAddress
GetTickCount
TerminateProcess
RtlUnwind
MultiByteToWideChar
SetLastError
CreateFileA
Sleep
GetModuleHandleA
SetHandleCount
GetACP
GetCurrentThreadId
SetStdHandle
SetEnvironmentVariableA
GetStringTypeA

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dba1ed15cd8be3b1d3059f38f4363d3c

Headers

File Characteristics

Imports

wininet

user32

shell32

gdi32

comctl32

advapi32

kernel32

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 10KB - Virtual size: 18KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 10KB - Virtual size: 18KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 10KB - Virtual size: 9KB