381594fde1ec153c8e90e18b29c369dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

381594fde1ec153c8e90e18b29c369dc_JaffaCakes118
Size

443KB
MD5

381594fde1ec153c8e90e18b29c369dc
SHA1

8e21f869452d8c45d0f3f6a628b8a8fb89447fac
SHA256

10503a9da0b819c6693ff9e9f17a621a9a28a96d32850d4720463744e067f175
SHA512

3699f962d30fc60f8b525b778648c8e34aa6ec83e1286a4dcb30093b9bbdf2aa7c75ce7362c5943e13a37dbc0f59b76a0fa62ce8c2571209535a878c6f0cce9a
SSDEEP

12288:vx0eNaUxuJfKaA2QXj79Qp91XKryYG/UVOdgBcn:pvNa1fKaA9+pjXKO1dAa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
381594fde1ec153c8e90e18b29c369dc_JaffaCakes118

Files

381594fde1ec153c8e90e18b29c369dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6aed51c1c4839331853b3e251a5e78c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
CompareStringA
LCMapStringA
GetCommandLineW
RtlUnwind
GetSystemInfo
OpenFileMappingA
GetCurrentProcess
GetOEMCP
VirtualAlloc
SetHandleCount
IsValidCodePage
HeapReAlloc
GetFileType
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsA
MultiByteToWideChar
GetModuleFileNameA
GetACP
GetStringTypeW
ExitProcess
GetCurrentThread
GetStringTypeA
GetUserDefaultLCID
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
EnumSystemLocalesA
HeapDestroy
QueryPerformanceCounter
LockFileEx
TlsGetValue
GetVersionExW
TlsFree
WideCharToMultiByte
EnterCriticalSection
HeapAlloc
GetLocaleInfoA
HeapFree
GetWindowsDirectoryW
SetLastError
GetCurrentProcessId
SetEnvironmentVariableA
GetTimeFormatA
GetStdHandle
VirtualFree
HeapCreate
DeleteCriticalSection
GetDateFormatA
GetTimeZoneInformation
FreeEnvironmentStringsW
IsBadWritePtr
TlsSetValue
GetCompressedFileSizeA
DosDateTimeToFileTime
GetModuleHandleA
UnhandledExceptionFilter
GetCommandLineA
SetStdHandle
GetProfileSectionA
TlsAlloc
SetConsoleCtrlHandler
TerminateThread
CompareStringW
GetVersionExA
GetProcAddress
GetEnvironmentStrings
GetLastError
WaitForSingleObjectEx
IsValidLocale
InterlockedExchange
HeapSize
TerminateProcess
GetLocaleInfoW
VirtualQuery
WriteFile
VirtualProtect
WriteConsoleOutputAttribute
LeaveCriticalSection
GetCurrentThreadId
InitializeCriticalSection

wininet

RetrieveUrlCacheEntryStreamW
InternetSetOptionA
FindNextUrlCacheEntryExA
ResumeSuspendedDownload
InternetAlgIdToStringA
FtpCommandA
InternetTimeFromSystemTimeA
InternetReadFileExA
InternetTimeToSystemTimeW
FtpPutFileA
FtpDeleteFileA
FtpGetFileW
UnlockUrlCacheEntryFileA
HttpOpenRequestA
InternetGetConnectedStateEx
GetUrlCacheHeaderData
GetUrlCacheGroupAttributeA
InternetQueryOptionA
FindFirstUrlCacheGroup
FindFirstUrlCacheEntryW
GopherOpenFileA
InternetCrackUrlW

gdi32

AnimatePalette
SelectClipPath
GetViewportExtEx
SetBkColor
CopyEnhMetaFileA
DeleteObject
DeleteEnhMetaFile
EnumFontsA
SetMetaRgn
GetEnhMetaFileDescriptionW
EqualRgn
CreateColorSpaceW
FixBrushOrgEx

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aed51c1c4839331853b3e251a5e78c0

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

Sections

.text Size: 158KB - Virtual size: 158KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 158KB - Virtual size: 158KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 10KB - Virtual size: 10KB