Static task: static1
Behavioral task: behavioral1
Sample: 476825ad1ca45cab14da8e881326cf24_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 476825ad1ca45cab14da8e881326cf24_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 476825ad1ca45cab14da8e881326cf24_JaffaCakes118
Size: 478KB
MD5: 476825ad1ca45cab14da8e881326cf24
SHA1: 92fe30e7a98699e0e0e890e96799f98875b2d8d3
SHA256: f33f091b2e613a0eab598505d9f0c60bb46ead10a8e4215937d96bce91a48b6a
SHA512: 83f0198e12682f3e70dbdacd4ccb391a652124baa339fb49274c968996a86b60b78f68e39ddcfdd51b45c7d1d84695f2f1f4c95534d6b37970f787d66dd275b6
SSDEEP: 12288:J3OIP7lKucHBnUH4oEo3sDC74G1dQF3jmqlTETN2:J9P70HHuW1KH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 476825ad1ca45cab14da8e881326cf24_JaffaCakes118
Files
476825ad1ca45cab14da8e881326cf24_JaffaCakes118.exe windows:4 windows x86 arch:x86
abc24b93cc7878667c434f826a60e8a3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoA
GetStringTypeA
UnhandledExceptionFilter
IsBadWritePtr
GetProcAddress
GetTimeFormatA
HeapReAlloc
IsValidLocale
GetCurrencyFormatW
GetFileType
GetCurrentProcessId
LCMapStringW
SetEvent
FreeEnvironmentStringsW
LeaveCriticalSection
SetFilePointer
GetTimeZoneInformation
WriteFileEx
MultiByteToWideChar
SetHandleCount
VirtualFree
SetConsoleCtrlHandler
CompareStringA
GetOEMCP
GetVersionExA
CreateDirectoryW
GetEnvironmentStrings
FoldStringW
TlsSetValue
ExitProcess
GetTickCount
CreateDirectoryExW
LCMapStringA
HeapFree
EnterCriticalSection
GetModuleFileNameA
GetLocaleInfoW
LoadLibraryA
QueryPerformanceCounter
WideCharToMultiByte
VirtualAlloc
LocalFlags
CloseHandle
SetEnvironmentVariableA
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsAlloc
EnumSystemLocalesA
GetACP
GetCurrentThread
InterlockedDecrement
OutputDebugStringA
GetStringTypeW
CompareStringW
GetSystemTimeAsFileTime
FlushFileBuffers
UnmapViewOfFile
DeleteFileW
FreeEnvironmentStringsA
GetCPInfo
GetUserDefaultLangID
IsBadReadPtr
HeapCreate
SetStdHandle
WriteConsoleOutputW
GetCommandLineW
InterlockedIncrement
TlsFree
GetStdHandle
IsValidCodePage
GetDateFormatA
ReadConsoleW
InterlockedExchange
GetLastError
SetLastError
WriteFile
HeapDestroy
SuspendThread
ExitThread
GetUserDefaultLCID
GetStartupInfoW
HeapAlloc
InitializeCriticalSection
SetFileTime
GetConsoleCP
GetStartupInfoA
VirtualQuery
GetModuleHandleA
HeapValidate
GetEnvironmentStringsW
GetModuleFileNameW
RtlUnwind
VirtualProtect
TlsGetValue
FileTimeToLocalFileTime
GetSystemInfo
GetCommandLineA
DebugActiveProcess
DeleteCriticalSection
DebugBreak
wininet
InternetGetCertByURLA
InternetGoOnlineW
InternetTimeFromSystemTimeW
GopherFindFirstFileW
GetUrlCacheEntryInfoExA
InternetOpenUrlA
SetUrlCacheEntryGroup
FindFirstUrlCacheContainerA
InternetErrorDlg
GetUrlCacheEntryInfoW
InternetConfirmZoneCrossingA
HttpCheckDavCompliance
InternetHangUp
FindFirstUrlCacheContainerW
FreeUrlCacheSpaceA
CommitUrlCacheEntryW
InternetGetLastResponseInfoW
DeleteUrlCacheEntry
FindNextUrlCacheContainerA
FtpDeleteFileW
InternetShowSecurityInfoByURLW
Sections
.text Size: 189KB - Virtual size: 189KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ