624158af17c052468aa8beb7523be396_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

624158af17c052468aa8beb7523be396_JaffaCakes118
Size

81KB
MD5

624158af17c052468aa8beb7523be396
SHA1

ac3d46c00451443c4b79382a624593acb737bc56
SHA256

95c3198dc10f872fb824b85bf430e40201fc8cfd48b393f8ad57d303f0e826e0
SHA512

64b1582b9da4d0aac8b5d26c13e37653a8b4e4543dd25f8460f97145f40fa4fb76b1b6bd0e602dacab272a2ad2c5f7007dd91c88816b647f9724a4af35904a59
SSDEEP

1536:0bvOkiTl6IO5lKrkoM4DUMRdts5+95r6gVu9eChc9hzKm2e6/Z3r7o12jT:UGRl6IqshHrtS+v+aY9h+zKXecbk2T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624158af17c052468aa8beb7523be396_JaffaCakes118

Files

624158af17c052468aa8beb7523be396_JaffaCakes118
.exe windows:5 windows x86 arch:x86

160d0ffb2ff0d58cadf49f3ae9bf23d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

wininet

HttpQueryInfoW
InternetCrackUrlW
InternetCloseHandle
DeleteUrlCacheEntryW
InternetCombineUrlW

user32

DestroyMenu
ShowOwnedPopups
GetAsyncKeyState
CharUpperA
GetMessageTime
GetMessageA
PostQuitMessage
wvsprintfA
ValidateRect

ole32

StgIsStorageFile
CoRevokeClassObject
CoUninitialize
CoInitialize
OleSetClipboard
OleDuplicateData
StgOpenStorage

kernel32

GetDriveTypeA
GetCurrentThreadId
SystemTimeToFileTime
SetEnvironmentVariableA
FindNextFileA
GlobalWire
ReadFile
WaitForMultipleObjects
DuplicateHandle
SetEvent
GetTickCount
SetLastError
GetSystemTimeAsFileTime
GetEnvironmentVariableA
GlobalFindAtomA
WriteFile
GetShortPathNameW
Sleep
CreateProcessA
LocalFileTimeToFileTime
IsValidLanguageGroup
GetCurrentProcess
CopyFileExW
ReleaseActCtx
GetDiskFreeSpaceA
GetVersionExA
GetNumberFormatA
EnumSystemCodePagesW
GetCommandLineA
FormatMessageA
DeleteFileA
CloseHandle
GetPrivateProfileIntW
SetHandleInformation
FindFirstFileA
GetExitCodeProcess
LeaveCriticalSection
GetCurrentProcessId
EnterCriticalSection
GetSystemTime
SetEndOfFile
DeviceIoControl
GetThreadTimes
GlobalGetAtomNameA
SetFileTime
SetErrorMode
TerminateProcess
CreateFileA
GetFileSize
DeleteCriticalSection
GlobalDeleteAtom
QueryPerformanceCounter
HeapFree
GetProcessHeap
CopyFileA
GetProcAddress
GetFileAttributesA
GetSystemDirectoryA
SetFileAttributesA
HeapAlloc
SetUnhandledExceptionFilter
GlobalFlags
LCMapStringA
SetFilePointer
SwitchToThread
OpenEventA
MoveFileA
FlushFileBuffers
GlobalAddAtomA
LCMapStringW
QueryDosDeviceA
GetModuleFileNameA
GetCurrentDirectoryA
DosDateTimeToFileTime
FindClose
MoveFileExA
CreateEventW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 139KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

160d0ffb2ff0d58cadf49f3ae9bf23d0

Headers

File Characteristics

Imports

comdlg32

wininet

user32

ole32

kernel32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 119KB

.debug Size: 5KB - Virtual size: 5KB

.pdata Size: 139KB - Virtual size: 251KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 119KB

.debug
Size: 5KB - Virtual size: 5KB

.pdata
Size: 139KB - Virtual size: 251KB