Static task: static1
Behavioral task: behavioral1
Sample: 3d1ff2b53d3c1d35a70252a20b3c1feb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3d1ff2b53d3c1d35a70252a20b3c1feb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3d1ff2b53d3c1d35a70252a20b3c1feb_JaffaCakes118
Size: 424KB
MD5: 3d1ff2b53d3c1d35a70252a20b3c1feb
SHA1: 010126102b29c6946d54efff7b9109c7561c8488
SHA256: 94e855d48fd1472095f00256db946ee2179387ed4da5b88bb219683006806d51
SHA512: 727e3965217be15c597899001435300c3bb10163cd123ba3a313efbb144744ad40cb81c12e632110d077eab8912cb58f18c64cbe758789af5d1a44fad88c688c
SSDEEP: 12288:wGmNzIxqTSsY1uugJnRqhpxqq4CLxBQeJv:U5IgSsY18RqhpxqzCLx2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d1ff2b53d3c1d35a70252a20b3c1feb_JaffaCakes118
Files
3d1ff2b53d3c1d35a70252a20b3c1feb_JaffaCakes118.exe windows:4 windows x86 arch:x86
4db934564f49f0f37b6207d0093e25dd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
TlsSetValue
VirtualFree
GetLastError
GetProcAddress
VirtualProtect
HeapReAlloc
WriteFile
GetLocaleInfoA
LCMapStringW
GetCurrentProcessId
HeapAlloc
GetCurrentThread
GetVersionExA
LeaveCriticalSection
GetModuleHandleA
WideCharToMultiByte
CompareStringA
FreeEnvironmentStringsA
InterlockedExchange
HeapSize
TlsAlloc
GetOEMCP
SetLastError
GetFileType
GetCommandLineA
IsValidLocale
GetACP
GetStringTypeW
ExitProcess
GetTickCount
FreeEnvironmentStringsW
TlsFree
HeapFree
GetSystemInfo
GetModuleFileNameA
SetEnvironmentVariableA
LoadLibraryA
QueryPerformanceCounter
GetStringTypeA
VirtualAlloc
DeleteCriticalSection
GetLocaleInfoW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetTimeFormatA
HeapCreate
IsBadWritePtr
LCMapStringA
EnumSystemLocalesA
UnhandledExceptionFilter
GetStartupInfoA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetEnvironmentStringsW
CompareStringW
GetUserDefaultLCID
HeapDestroy
GetEnvironmentStrings
EnterCriticalSection
IsValidCodePage
SetHandleCount
GetDateFormatA
InitializeCriticalSection
GetStdHandle
GetCPInfo
TlsGetValue
wininet
FtpPutFileEx
GopherCreateLocatorA
UnlockUrlCacheEntryStream
InternetConnectW
IsUrlCacheEntryExpiredW
InternetReadFileExA
FtpFindFirstFileA
FreeUrlCacheSpaceA
InternetWriteFileExA
InternetWriteFile
InternetSetDialStateA
HttpSendRequestExW
CreateUrlCacheEntryA
InternetAttemptConnect
FtpGetCurrentDirectoryA
Sections
.text Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ