47a7a884d0b7f14b36ff3eff9da05232_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47a7a884d0b7f14b36ff3eff9da05232_JaffaCakes118
Size

130KB
MD5

47a7a884d0b7f14b36ff3eff9da05232
SHA1

b95b78a215d90555df2cab93b99a753afff72665
SHA256

e1b0b8ef8613c49223c56e23477ccb73726d8db8237fb2c5715253e76c8abb77
SHA512

82c3475cf9e14f8dd59133ce2ebdb2ea25e6b295194b65260b9e03937b8a29c6d1902e80019ec80d1e9a88150c204913692f397983904c5d44b2f80c124754f9
SSDEEP

3072:3tCbZDqSnrYGy5IxFI07fUt9kWirJbd6thtT9ZmO:9A/YxIxCg25i9mRS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47a7a884d0b7f14b36ff3eff9da05232_JaffaCakes118

Files

47a7a884d0b7f14b36ff3eff9da05232_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fbec26ff8553726db3543452d81f21a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetDateFormatA
MoveFileA
CreateThread
LocalFree
LocalAlloc
Sleep
GetVersionExA
LoadLibraryA
GetProcAddress
lstrlenA
SetTapePosition
GetModuleFileNameA
QueryPerformanceCounter
OpenProcess
GetSystemTime
GetVolumeInformationA
CreateFileA
GetCurrentThreadId

user32

InflateRect
GetDoubleClickTime
EndDeferWindowPos
ExitWindowsEx
IntersectRect
DialogBoxIndirectParamA
CreatePopupMenu
GetSysColorBrush
DispatchMessageA
GetForegroundWindow
CreateDialogIndirectParamA
GetClientRect
GetWindowRect

gdi32

GetClipBox
SetTextColor
SetBkColor
CreateBitmap
GetCharWidthA

winspool.drv

GetJobA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
EnumPrintersA

shlwapi

PathCompactPathExA
wnsprintfA
PathFindFileNameA
PathGetDriveNumberA
PathRemoveFileSpecA
AssocQueryStringA
PathIsUNCA

ole32

CoInitialize
OleInitialize
OleUninitialize
CLSIDFromString
CoCreateInstance

ws2_32

WSAConnect
WSAAddressToStringA
WSACloseEvent

wininet

InternetOpenA
InternetQueryDataAvailable
InternetGetCookieA
InternetReadFile
InternetSetCookieA
InternetSetOptionA
InternetCrackUrlA
HttpEndRequestA
InternetAttemptConnect
HttpSendRequestExA
InternetWriteFile
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetQueryOptionA

msvcrt

__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
clock
malloc
realloc
free
fopen
fputs
fread
fclose
exit

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbec26ff8553726db3543452d81f21a5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

shlwapi

ole32

ws2_32

wininet

msvcrt

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 111KB

.rsrc Size: 40KB - Virtual size: 36KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 111KB

.rsrc
Size: 40KB - Virtual size: 36KB

.reloc
Size: 2KB - Virtual size: 2KB