422a375c37249e3f18cdcdc7742b2f73_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

422a375c37249e3f18cdcdc7742b2f73_JaffaCakes118
Size

480KB
MD5

422a375c37249e3f18cdcdc7742b2f73
SHA1

38e7a81ddc20c7e814259228e68e5ef2b210ae12
SHA256

a744b8130d481d3bfa77a20a714866c1f9a25e94de34e3e299246ace7d3ae710
SHA512

5ec091acf677fb646b9daea88f2c5df117829a9bac34f6343cfa5a9ad6e0e188d85566b9f1fa040d26cddc7a5f74465c7c9b57a9e4c6fe43676d522f8818382a
SSDEEP

12288:tx0URnPRryup6b5qVVd2ObKSS/FgHUBuc/SJe6Fh3A6piQ+DA81HRFZ5CP5V04jH:9uc9Qj5kj04j7WZdGP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
422a375c37249e3f18cdcdc7742b2f73_JaffaCakes118

Files

422a375c37249e3f18cdcdc7742b2f73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1ad29ede40fbdd987db1eb1751a3de3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
IsBadWritePtr
ReadConsoleInputW
CompareStringA
GetUserDefaultLCID
FreeEnvironmentStringsA
HeapAlloc
LoadLibraryA
GetCommandLineA
UnhandledExceptionFilter
CompareStringW
ReleaseMutex
EnumSystemLocalesA
GetFileType
InterlockedExchange
TlsFree
GetEnvironmentStrings
HeapDestroy
HeapSize
DeleteCriticalSection
WriteFile
GetOEMCP
InitializeCriticalSection
GetStartupInfoA
OpenWaitableTimerA
LCMapStringA
GetTimeFormatA
HeapCreate
GetProcAddress
GetACP
GetVersionExA
HeapFree
GlobalHandle
GetLocaleInfoW
LoadResource
LCMapStringW
VirtualQuery
TlsSetValue
LeaveCriticalSection
VirtualProtect
GetEnvironmentStringsW
MultiByteToWideChar
GetCPInfo
GetTimeZoneInformation
HeapReAlloc
TlsGetValue
ExitProcess
FreeEnvironmentStringsW
EnterCriticalSection
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetLastError
GetModuleHandleA
GetStringTypeW
SetEnvironmentVariableA
SetHandleCount
GetCurrentThreadId
WideCharToMultiByte
IsValidCodePage
GetLocaleInfoA
GetSystemInfo
GetCurrentProcessId
GetModuleFileNameA
TlsAlloc
GetLastError
OpenMutexW
GetTickCount
IsValidLocale
GetCurrentThread
GetStringTypeA
GetSystemTimeAsFileTime
VirtualFree
RtlUnwind
GetStdHandle

gdi32

CreateEllipticRgnIndirect
GetCharWidthA
PolyDraw
GetObjectA
SetBoundsRect
ExtSelectClipRgn
CloseEnhMetaFile
GetLayout
GdiFlush
GetKerningPairsW
RealizePalette
TranslateCharsetInfo
PlgBlt
ExtEscape
GetTextColor
FillPath
SetLayout

user32

CallNextHookEx
SetPropA
GetShellWindow
UnregisterDeviceNotification
GetProcessDefaultLayout
LookupIconIdFromDirectory
wvsprintfA
GrayStringW
DialogBoxIndirectParamW
GetMonitorInfoW
ReplyMessage
GetKeyboardType
GetPropW
GetMessageW
TrackMouseEvent
CreateIconFromResource
DialogBoxParamA
BroadcastSystemMessageA
EnumClipboardFormats
CreateAcceleratorTableA
RegisterWindowMessageW

wininet

InternetTimeToSystemTimeW
InternetQueryFortezzaStatus
FindNextUrlCacheEntryA
InternetGetConnectedState
InternetWriteFile
DeleteIE3Cache
InternetConnectW

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1ad29ede40fbdd987db1eb1751a3de3

Headers

File Characteristics

Imports

kernel32

gdi32

user32

wininet

Sections

.text Size: 193KB - Virtual size: 192KB

.data Size: 276KB - Virtual size: 284KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 193KB - Virtual size: 192KB

.data
Size: 276KB - Virtual size: 284KB

.rsrc
Size: 10KB - Virtual size: 10KB