6233c5d7997aa7803432a7991ed2c888_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6233c5d7997aa7803432a7991ed2c888_JaffaCakes118
Size

740KB
MD5

6233c5d7997aa7803432a7991ed2c888
SHA1

8688ce56e3b2a778d266bfc05ddeef42d0ea2182
SHA256

c0f9324aba33cc86b499a8de07415c76eed0d753924d5a1f5a8c087f05210cae
SHA512

0b548a73208b8cf57282b6dad42aea20fb3e613aec8fc88154df799a8b7dd8d420df5965dc697441c2d447aaf8a9dc505210eb612eba69a55229549064a60b36
SSDEEP

12288:4TFfphvRM+kiOj6L+hykOcChXrMZKXJKMl7LKuYfuuBeDuUlN0+791bxww77:ASiXL+hykOV4CZyuY2uBIB76w7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6233c5d7997aa7803432a7991ed2c888_JaffaCakes118

Files

6233c5d7997aa7803432a7991ed2c888_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8ed89a519c4760eba9721e3ba42245a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZOpenFileA
LZCopy

kernel32

FlushFileBuffers
QueryPerformanceCounter
GetTimeZoneInformation
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetFileAttributesA
GetFullPathNameA
GetModuleHandleA
GetLastError
WriteProfileStringA
GetProfileStringA
GlobalAddAtomA
GlobalDeleteAtom
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
lstrcmpA
LoadLibraryA
FreeLibrary
GetCurrentProcess
GetProcAddress
GetSystemDefaultLangID
GetVersionExA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
lstrcatA
lstrcpyA
lstrlenA
SetLastError
GetShortPathNameA
DeleteFileA
SetFileAttributesA
WritePrivateProfileStringA
MoveFileExA
GetTempFileNameA
CompareFileTime
GetFileAttributesExA
GetTempPathA
CloseHandle
CreateFileA
TerminateProcess
OpenProcess
Process32Next
Module32Next
Module32First
Process32First
CreateToolhelp32Snapshot
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapReAlloc
HeapSize
GetACP
GetFileType
SetStdHandle
GetCommandLineA
ExitProcess
GetLocalTime
GetSystemTime
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
WriteFile
GetUserDefaultLangID
GetCurrentDirectoryA
GetEnvironmentVariableA
GetSystemDirectoryA
GetLocaleInfoA
HeapAlloc
HeapFree
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetStartupInfoA
MultiByteToWideChar
CreateDirectoryA
ReadFile
GetDriveTypeA
LocalFree
FormatMessageA
Sleep
GetFileSize
GetFileTime
OpenFile
WideCharToMultiByte
LockResource
LoadResource
FindResourceExA
LocalAlloc
InterlockedExchange
RaiseException
CreateMutexA
OpenMutexA
RtlUnwind
lstrcpynA
InterlockedIncrement
InterlockedDecrement
DuplicateHandle
GlobalLock
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
lstrcmpiA
FileTimeToSystemTime
FileTimeToLocalFileTime
TlsAlloc
GlobalUnlock
GlobalHandle
GlobalFindAtomA
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP

wininet

InternetGetLastResponseInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8ed89a519c4760eba9721e3ba42245a

Headers

File Characteristics

Imports

lz32

kernel32

wininet

Sections

.text Size: 396KB - Virtual size: 394KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 84KB - Virtual size: 162KB

.rsrc Size: 40KB - Virtual size: 37KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 396KB - Virtual size: 394KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 84KB - Virtual size: 162KB

.rsrc
Size: 40KB - Virtual size: 37KB

.text
Size: 168KB - Virtual size: 168KB