5e2be2a605b4754c1e966a401b9569d8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5e2be2a605b4754c1e966a401b9569d8_JaffaCakes118
Size

422KB
MD5

5e2be2a605b4754c1e966a401b9569d8
SHA1

476d379c0729430b835e4daf01899efa6f476ea7
SHA256

ceff6a9614b5b6d2c7e1413780aa756166f09ef4b7ee7b11146c0f64af037368
SHA512

da44916f727368d2c7dd632ffef2b7299bf152f9edf78ce76a38657899fbca78056452a15499f9be18d75a456c22ac23d8baf1240695cd49c86342cc88fba5fb
SSDEEP

12288:9qIwgBCFGJrYaUS8GTOsBRHCOyodM11/iU8:rwgkCsCXTOsBwzyM11/in

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2be2a605b4754c1e966a401b9569d8_JaffaCakes118

Files

5e2be2a605b4754c1e966a401b9569d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84c7072cbeca05cdb33897860aa91b7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
SetConsoleTitleA
IsValidCodePage
CreateSemaphoreA
RtlUnwind
GetStringTypeA
FindClose
GetCurrentProcess
GetLastError
VirtualAlloc
LCMapStringW
InitializeCriticalSection
HeapReAlloc
GetDateFormatA
LocalFree
GetCurrentThread
DeleteCriticalSection
LCMapStringA
GetModuleFileNameA
EnumSystemLocalesA
GetStdHandle
ExitProcess
GetACP
GetOEMCP
GetTimeFormatA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetLocaleInfoA
CompareStringW
GetVersionExA
QueryPerformanceCounter
UnhandledExceptionFilter
SetHandleCount
GetProcAddress
SetEnvironmentVariableA
TlsGetValue
CompareStringA
HeapAlloc
GetEnvironmentStringsW
HeapFree
GetLogicalDriveStringsW
LeaveCriticalSection
GetCurrentProcessId
CreateEventW
GetStringTypeW
GetLocaleInfoW
TlsAlloc
GetUserDefaultLCID
GlobalFree
GetCPInfo
GetSystemInfo
EnterCriticalSection
WideCharToMultiByte
SetLastError
WriteConsoleW
OutputDebugStringW
GetModuleHandleA
WriteFile
VirtualProtect
WritePrivateProfileSectionW
GetCommandLineW
MultiByteToWideChar
AddAtomW
GetStartupInfoA
GlobalUnfix
GetTimeZoneInformation
GetProcAddress
GetCommandLineA
GetEnvironmentStrings
WriteConsoleA
IsBadWritePtr
InterlockedExchange
HeapCreate
VirtualFree
GetFileType
VirtualQuery
TlsSetValue
TlsFree
GetProcessHeaps
IsValidLocale
GetCurrentThreadId
HeapDestroy
InterlockedIncrement
TerminateProcess
FreeEnvironmentStringsW
HeapSize
ContinueDebugEvent

shell32

ExtractIconExA
SheChangeDirA
SHBrowseForFolder
SHGetSpecialFolderPathA
SHGetPathFromIDList
DragQueryPoint
DragQueryFileW
DoEnvironmentSubstA
ShellHookProc

wininet

SetUrlCacheEntryGroup
DeleteIE3Cache
InternetShowSecurityInfoByURLW
InternetCombineUrlW
InternetCreateUrlW
FtpRemoveDirectoryA
FindFirstUrlCacheGroup
GopherFindFirstFileA
InternetConnectW
HttpSendRequestW
FindFirstUrlCacheEntryA
RetrieveUrlCacheEntryStreamA
InternetSetCookieW
InternetGetCookieA
InternetQueryOptionA

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84c7072cbeca05cdb33897860aa91b7f

Headers

File Characteristics

Imports

kernel32

shell32

wininet

Sections

.text Size: 139KB - Virtual size: 138KB

.data Size: 272KB - Virtual size: 291KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 139KB - Virtual size: 138KB

.data
Size: 272KB - Virtual size: 291KB

.rsrc
Size: 9KB - Virtual size: 9KB