3e567542dada632bed336ee6519bf947_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e567542dada632bed336ee6519bf947_JaffaCakes118
Size

587KB
MD5

3e567542dada632bed336ee6519bf947
SHA1

61560b48877ba135f930e51e02e0cb4b835dc4b4
SHA256

ee53ef97c334889e8e0b8e9b2af744abf9286d34bbfb33ea61096558be18f330
SHA512

68a371ced4313dfeefd335af8865503a97be13672803ff62544244262469a26a88d23057e0d7255002c201f33b327168d8b86f4a99734dcc273be5ddf435c6d2
SSDEEP

12288:mFFfbS4luNoMGzI6PqiB5bpMNp8fw8jeuF3P6OLSfQfoX:AFmxuskNa38lnl6OLuQfoX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e567542dada632bed336ee6519bf947_JaffaCakes118

Files

3e567542dada632bed336ee6519bf947_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84cfed5d85f6cc11345e80c095395454

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
WideCharToMultiByte
GetUserDefaultLCID
FlushFileBuffers
RtlUnwind
GetLocaleInfoW
SetStdHandle
GetCurrentProcess
GetDateFormatA
VirtualAlloc
HeapSize
WriteFile
HeapReAlloc
GetConsoleCP
GetProcessAffinityMask
GetCommandLineW
CreateFileA
SetUnhandledExceptionFilter
GetModuleFileNameA
DeleteCriticalSection
TlsSetValue
SetLastError
FreeEnvironmentStringsW
GetLastError
SetFilePointer
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
CompareStringW
GetStartupInfoW
QueryPerformanceCounter
LeaveCriticalSection
IsBadReadPtr
TlsAlloc
WriteConsoleW
LCMapStringA
CompareStringA
HeapAlloc
GetConsoleOutputCP
HeapFree
FreeLibrary
SetConsoleCtrlHandler
GetCurrentProcessId
WriteFileEx
GetModuleFileNameW
SetEnvironmentVariableA
IsValidCodePage
GetStartupInfoA
CloseHandle
GetACP
GetModuleHandleW
DebugBreak
OutputDebugStringA
VirtualFree
SetThreadLocale
GlobalFlags
RaiseException
OutputDebugStringW
MultiByteToWideChar
HeapValidate
Sleep
WriteConsoleA
SetHandleCount
ExpandEnvironmentStringsW
ReadConsoleInputA
GetProcessHeap
GetProcAddress
GetCPInfo
GetConsoleMode
GetPrivateProfileIntW
GetTimeZoneInformation
InterlockedExchange
TlsFree
LoadLibraryW
GetCurrentThread
VirtualQuery
LCMapStringW
IsValidLocale
GetDriveTypeW
HeapCreate
GetCurrentThreadId
GetStringTypeA
GlobalUnlock
TerminateProcess
EnumSystemLocalesA
GetStringTypeW
CreateFileMappingW
TlsGetValue
InitializeCriticalSectionAndSpinCount
GetFileType
GetOEMCP
WritePrivateProfileSectionW
ExitProcess
HeapDestroy
UnhandledExceptionFilter
lstrlenA
GetModuleHandleA
GetLocaleInfoA
MoveFileExW
IsDebuggerPresent
InterlockedDecrement
InterlockedIncrement
GetTimeFormatA
GetStdHandle

wininet

CreateUrlCacheEntryW
InternetOpenUrlA
HttpQueryInfoW
InternetReadFileExA
InternetReadFileExW
IsUrlCacheEntryExpiredA
InternetReadFile

comdlg32

GetOpenFileNameW
PrintDlgW
GetSaveFileNameW
GetFileTitleW
ChooseFontA
FindTextW
PageSetupDlgW
GetFileTitleA
ReplaceTextW
GetSaveFileNameA
PrintDlgA
FindTextA
ChooseColorW
PageSetupDlgA
ReplaceTextA

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84cfed5d85f6cc11345e80c095395454

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

Sections

.text Size: 262KB - Virtual size: 262KB

.data Size: 314KB - Virtual size: 323KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 262KB - Virtual size: 262KB

.data
Size: 314KB - Virtual size: 323KB

.rsrc
Size: 10KB - Virtual size: 9KB