6392c9238ac2239f318ed0ba17adddde_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6392c9238ac2239f318ed0ba17adddde_JaffaCakes118
Size

659KB
MD5

6392c9238ac2239f318ed0ba17adddde
SHA1

a09848f2a4fd1ed2e594013a2f30b72fb0ca5af1
SHA256

e706b7b803c643ee66074c8be3d5f146f6e479e7a34b431d842beba20781a234
SHA512

46ee45915ba9168a9607b2cdd6674b4b1df2bc5c9eeed600e24a2089cb1b2cc0a2a1c6b5b3c21ab11aad69e7a5d0fbdbf7bbb87c997ad3884432539dd2895e48
SSDEEP

12288:mcrgZ4uDSEk1T1UbdPpqx7SU6X1t1B4vah8rSEdrW1FN5:mcrXJEk1CbdRqx7R6P1iiarSEUN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6392c9238ac2239f318ed0ba17adddde_JaffaCakes118

Files

6392c9238ac2239f318ed0ba17adddde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9519049098e9b3224a14a495455ff4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumPropsExW
CheckRadioButton
WINNLSEnableIME
DdeAccessData
LoadAcceleratorsA
GetUserObjectInformationA
GetProcessDefaultLayout
DrawTextExA
ExitWindowsEx
GetMenuContextHelpId
RegisterClassExA
SetWindowsHookA
RegisterClassA

kernel32

GetProcAddress
GetCPInfo
TlsGetValue
ExitProcess
VirtualQuery
MultiByteToWideChar
HeapAlloc
FindNextFileA
LoadLibraryA
EnumSystemLocalesA
SetUnhandledExceptionFilter
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineW
RtlUnwind
QueryPerformanceCounter
HeapSize
ReadFile
GetACP
FillConsoleOutputCharacterA
VirtualFree
GetCurrentProcessId
GetTickCount
GetStartupInfoA
GetStdHandle
HeapCreate
GetOEMCP
VirtualAlloc
InterlockedExchange
GetCurrentThreadId
SetHandleCount
SetConsoleCtrlHandler
GetFileType
CloseHandle
WriteFile
GetWindowsDirectoryW
GetStringTypeA
WaitForSingleObject
FlushFileBuffers
GetConsoleCP
WideCharToMultiByte
LCMapStringA
IsDebuggerPresent
GetLocaleInfoA
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetLastError
HeapDestroy
GetCommandLineA
GetDateFormatA
GetModuleFileNameA
InterlockedIncrement
SetFilePointer
LeaveCriticalSection
FreeEnvironmentStringsW
FreeLibrary
CompareStringW
CompareStringA
SetLastError
IsValidLocale
GetStartupInfoW
DeleteCriticalSection
TerminateProcess
GetUserDefaultLCID
Sleep
GetLocaleInfoW
SetStdHandle
HeapFree
HeapReAlloc
GetTimeFormatA
GetCurrentThread
GetModuleFileNameW
TlsSetValue
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetVersionExA
GetTimeZoneInformation
CreateMutexA
EnterCriticalSection
UnhandledExceptionFilter
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSection
LCMapStringW
TlsFree
GetCurrentProcess
SetEnvironmentVariableA
GetProcessHeap
OpenMutexA
CreateFileA
GetConsoleMode
GetStringTypeW
WriteConsoleA
InterlockedDecrement
FindResourceW

comctl32

InitCommonControlsEx

wininet

InternetSecurityProtocolToStringW
FtpCommandW
FreeUrlCacheSpaceA
DeleteUrlCacheContainerW
InternetTimeFromSystemTime
FreeUrlCacheSpaceW

Sections

.text
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9519049098e9b3224a14a495455ff4d

Headers

File Characteristics

Imports

user32

kernel32

comctl32

wininet

Sections

.text Size: 321KB - Virtual size: 320KB

.rdata Size: 9KB - Virtual size: 31KB

.data Size: 322KB - Virtual size: 322KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 321KB - Virtual size: 320KB

.rdata
Size: 9KB - Virtual size: 31KB

.data
Size: 322KB - Virtual size: 322KB

.rsrc
Size: 5KB - Virtual size: 5KB