4a205dc37cb30b4b7198bcfd968a9528_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a205dc37cb30b4b7198bcfd968a9528_JaffaCakes118
Size

295KB
MD5

4a205dc37cb30b4b7198bcfd968a9528
SHA1

10cb804934423c5fdf05c95f4c5c36b74a494f2a
SHA256

9f87f8ae356eda442af9f359ca099b628e6569e813b28c48c57d2f54d1b7955b
SHA512

081b6c56d9ed3b45ee0c3c8394483b5b3c5ea276e2aa88f74d968e6ffeeff15cb36d0d797a8ced8270a1e1b3ad04f29db9e935ec9c4d095c79863822b5f905ba
SSDEEP

6144:C5JW2UljequjQ0QfsPJvftjx8n64oAhQlBfiFxPZrvp7xD:33ljepQfwBf5x8n64oYQlBir9xxD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a205dc37cb30b4b7198bcfd968a9528_JaffaCakes118

Files

4a205dc37cb30b4b7198bcfd968a9528_JaffaCakes118
.exe windows:4 windows x86 arch:x86

714f22a964caf60b0f3f3593bf010f35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetInitializeAutoProxyDll
HttpEndRequestW
CreateUrlCacheContainerW
InternetWriteFileExW
DeleteUrlCacheContainerW
FreeUrlCacheSpaceW
InternetCreateUrlW
InternetLockRequestFile

advapi32

CryptEnumProviderTypesA
LogonUserA
CryptVerifySignatureA
CryptHashData

shell32

SHGetFileInfoW
SHFileOperation
ExtractAssociatedIconW
DragQueryFileAorW
SHGetSpecialFolderPathW

user32

RegisterClassA
RegisterClassExA
DdeAccessData
ShowWindow
DefDlgProcW
WaitMessage
SetCursor
MessageBoxW
CloseWindowStation
MoveWindow
GetScrollBarInfo
CharPrevExA
EnumPropsA
GetKeyboardType
GetTabbedTextExtentW
CreateWindowExA
DdeGetLastError
CreateCaret
IsDialogMessageA

gdi32

DeleteDC
GetMapMode
SetMiterLimit
CreateScalableFontResourceW
GetDeviceCaps
GetPixel
IntersectClipRect
CreateHalftonePalette
ExcludeClipRect
CombineTransform
SetArcDirection
CreateDCW

kernel32

EnterCriticalSection
GetLocalTime
GetStartupInfoA
OpenMutexA
SetHandleCount
SetEnvironmentVariableA
ReadFile
MultiByteToWideChar
SetLastError
GetCurrentThreadId
CreateMutexA
InterlockedDecrement
HeapAlloc
GetModuleFileNameA
ExitProcess
HeapDestroy
TlsAlloc
LCMapStringW
LCMapStringA
GetTempPathW
TerminateProcess
GetSystemTime
CompareStringW
TlsFree
GetCurrentProcessId
GetEnvironmentStrings
GetCurrentProcess
GetFileType
GetPrivateProfileStructW
RtlUnwind
GetSystemDirectoryW
LeaveCriticalSection
HeapCreate
DeleteCriticalSection
InterlockedExchangeAdd
GetVersion
InterlockedExchange
FreeEnvironmentStringsA
SetStdHandle
GetCommandLineA
WideCharToMultiByte
HeapFree
InitializeCriticalSection
LoadLibraryA
SetFilePointer
lstrlen
GetACP
GetTimeZoneInformation
VirtualFree
GetLogicalDriveStringsW
HeapReAlloc
GetModuleHandleA
DeleteAtom
GlobalUnlock
WriteFile
TlsSetValue
CompareStringA
GetShortPathNameW
QueryPerformanceCounter
GetTempPathA
GetCPInfo
GetStdHandle
GetPrivateProfileStringW
GetCurrentThread
VirtualAlloc
GetSystemTimeAsFileTime
IsBadWritePtr
GetEnvironmentStringsW
FileTimeToLocalFileTime
FlushFileBuffers
SetThreadAffinityMask
FreeEnvironmentStringsW
GetOEMCP
GetProcAddress
UnhandledExceptionFilter
InterlockedIncrement
GetTickCount
LocalFileTimeToFileTime
TlsGetValue
GetLastError
CloseHandle
VirtualQuery
LocalLock
GetStringTypeW
GetStringTypeA

comctl32

InitCommonControlsEx

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

714f22a964caf60b0f3f3593bf010f35

Headers

File Characteristics

Imports

wininet

advapi32

shell32

user32

gdi32

kernel32

comctl32

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 28KB - Virtual size: 52KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 28KB - Virtual size: 52KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 12KB - Virtual size: 12KB