381f9b6637ddb9929322ee3d4bf7c75b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

381f9b6637ddb9929322ee3d4bf7c75b_JaffaCakes118
Size

327KB
MD5

381f9b6637ddb9929322ee3d4bf7c75b
SHA1

152082fcebb4dc884c4e5a13aeda37eb2eb00434
SHA256

028a80eee8e484cc01c13b5e50579fb52991969e1ed87baa8910cf46a349d87a
SHA512

d4205b2c231f4255ff175255285aed3e34133d266b41dfe2f3123a27548580cb857fdca402b996b6557f9bb14d5442843cbcbd0402d842fe1d75c0b70f6bdce2
SSDEEP

6144:pJxqgTR9Ad8tHx3fzV72HLtEtWjeAsNGQRIr+gtMMMZF0CAhv:lTUEfzZWtE+M3b2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
381f9b6637ddb9929322ee3d4bf7c75b_JaffaCakes118

Files

381f9b6637ddb9929322ee3d4bf7c75b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b590443e98c2986960d4ece49678ed28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheConfigInfoW
DeleteIE3Cache
HttpSendRequestExA
InternetCheckConnectionW
InternetSetDialState
FindNextUrlCacheEntryW
FindNextUrlCacheGroup

user32

GetClassInfoExW
SendNotifyMessageW
CascadeChildWindows
OffsetRect
MapVirtualKeyA
DestroyWindow
RegisterClassA
RegisterClipboardFormatA
GetWindowContextHelpId
ShowWindow
EnumClipboardFormats
DefMDIChildProcA
ShowScrollBar
CreateWindowExW
DefWindowProcW
ModifyMenuA
RegisterClassExA
MessageBoxA

comdlg32

GetSaveFileNameA
PageSetupDlgA
GetOpenFileNameW

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_Merge

kernel32

GetShortPathNameA
ReleaseSemaphore
SetConsoleTextAttribute
LoadLibraryA
LCMapStringW
ExitProcess
ReadFile
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetStartupInfoA
FlushFileBuffers
WideCharToMultiByte
WaitForSingleObjectEx
GetCurrentThreadId
UnhandledExceptionFilter
GetEnvironmentStringsW
CreateMailslotW
GetCPInfo
lstrcpyn
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
CompareStringA
RtlUnwind
EnterCriticalSection
CreateRemoteThread
TlsFree
MoveFileA
TlsGetValue
HeapDestroy
GetACP
OpenMutexA
IsBadWritePtr
GetProcAddress
GetPrivateProfileSectionW
GetCurrentProcess
InitializeCriticalSection
HeapFree
VirtualAlloc
CloseHandle
IsValidLocale
SetConsoleWindowInfo
CompareStringW
DeleteCriticalSection
GetUserDefaultLCID
InterlockedIncrement
FreeLibrary
GetFileType
VirtualFree
SetFilePointer
MultiByteToWideChar
EnumResourceNamesW
GetLocalTime
GetCommandLineA
WriteFile
SetHandleCount
GetProfileSectionW
HeapSize
SetStdHandle
TerminateProcess
TransactNamedPipe
InterlockedExchange
FreeEnvironmentStringsW
SetLastError
TlsSetValue
lstrlen
CreateMutexA
GetSystemTime
VirtualQuery
LCMapStringA
GetModuleHandleA
GetTickCount
GetTimeZoneInformation
QueryPerformanceCounter
InterlockedDecrement
EnumCalendarInfoA
TlsAlloc
HeapReAlloc
HeapCreate
GetLastError
LeaveCriticalSection
GetStringTypeW
GetCurrentProcessId
GetVersion
SetEnvironmentVariableA
SetConsoleMode
GetStringTypeA
GetCurrentThread
HeapAlloc
GetOEMCP
WriteConsoleOutputW

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b590443e98c2986960d4ece49678ed28

Headers

File Characteristics

Imports

wininet

user32

comdlg32

comctl32

kernel32

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 76KB - Virtual size: 80KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 76KB - Virtual size: 80KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 40KB - Virtual size: 39KB