Static task
static1
Behavioral task
behavioral1
Sample
47c5f4fe58aa2d5ca1e0272f76467753_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
47c5f4fe58aa2d5ca1e0272f76467753_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
47c5f4fe58aa2d5ca1e0272f76467753_JaffaCakes118
Size
519KB
MD5
47c5f4fe58aa2d5ca1e0272f76467753
SHA1
3f201a2f3bb6e7df309e89fb2c96bb8f7fb8f328
SHA256
74209c25ceb9b39d57348f0b4d982df56e134426bf2c1726be4663a9fbca064f
SHA512
a687b65a38a1daf2d9d3dc6a85345b859bb5417558c69896e847ce75ca19949d4766d089d4632dd873df1b58244aa1360d91a50c11f0b7c2eb5dd9db0d4ea3ed
SSDEEP
12288:pAnA0go22pIcuGDeE+hkeW5xmK9M36Jp5cCGKc:pIA0hdletha5xmovNl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 47c5f4fe58aa2d5ca1e0272f76467753_JaffaCakes118
Files
47c5f4fe58aa2d5ca1e0272f76467753_JaffaCakes118.exe windows:4 windows x86 arch:x86
c32ad4e8dfaeba827b251020c37d2fca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateCompatibleBitmap
ExtTextOutW
PtInRegion
GdiFlush
SetViewportOrgEx
CreateICA
user32
RegisterClassA
CreateWindowExA
ChangeClipboardChain
RegisterClassExA
ShowWindow
CreateIcon
MessageBoxW
VkKeyScanW
comdlg32
GetOpenFileNameA
ChooseColorA
FindTextW
GetFileTitleA
kernel32
GetCurrentProcessId
FreeEnvironmentStringsA
VirtualFree
GetModuleHandleA
SetHandleCount
GetCurrentProcess
GetCPInfo
HeapReAlloc
VirtualQuery
ExitProcess
TlsAlloc
GetFileType
GetCurrentThreadId
CompareStringW
GetStartupInfoA
WriteFile
FreeEnvironmentStringsW
FillConsoleOutputAttribute
HeapAlloc
GetLastError
GetEnvironmentStringsW
TerminateProcess
SetEnvironmentVariableA
SetLastError
InterlockedExchange
GetStringTypeA
CreateMutexA
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
RemoveDirectoryW
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleFileNameA
QueryPerformanceCounter
LoadLibraryA
InterlockedDecrement
LeaveCriticalSection
LCMapStringA
RtlUnwind
GetACP
FlushFileBuffers
GetLocalTime
GetSystemTime
GetCurrentThread
CompareStringA
GetTickCount
GetTimeZoneInformation
TlsSetValue
GetStdHandle
CloseHandle
HeapCreate
SetStdHandle
HeapFree
GetVersion
VirtualAlloc
TlsFree
ReadFile
GetStringTypeW
CreateDirectoryA
GetProcAddress
LCMapStringW
InterlockedIncrement
GetSystemTimeAsFileTime
IsBadWritePtr
GetOEMCP
HeapDestroy
WideCharToMultiByte
GetEnvironmentStrings
OpenMutexA
TlsGetValue
EnterCriticalSection
GetCommandLineA
comctl32
InitCommonControlsEx
wininet
HttpQueryInfoA
InternetOpenW
DeleteUrlCacheEntryW
InternetSetDialStateW
InternetCheckConnectionA
FtpFindFirstFileA
advapi32
RegEnumKeyA
StartServiceA
RegDeleteValueW
LookupAccountNameW
LogonUserA
RegDeleteKeyW
CryptDestroyKey
RegReplaceKeyW
CryptSetProviderA
LookupSecurityDescriptorPartsA
CryptEnumProviderTypesA
CryptDuplicateKey
DuplicateToken
CryptHashData
RegCloseKey
GetUserNameA
LookupPrivilegeDisplayNameW
Sections
.text Size: 360KB - Virtual size: 360KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 114KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ