64018c29dd091a8b3c663469ea0547e6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

64018c29dd091a8b3c663469ea0547e6_JaffaCakes118
Size

174KB
MD5

64018c29dd091a8b3c663469ea0547e6
SHA1

a48b7f6dac6743a77400d8438c6278f6320f697a
SHA256

3b06e71f4739b0b14dc94acd5a04e91d35b3654407a95618b121c08dacbc0105
SHA512

191462212f5657615f2cf3c8977b764de5ddbe1796b1f96765f3e0ba9e77f538baa88a7d300577bf9cc6c3686f38a4ef03512852723195375af14b3510df5d8a
SSDEEP

3072:3SUYJWQ0McZGVdj5zsQptuWHA9T7IrL6xGaLrtlOkO2f6Zk2WmI332OVidUH:w0MBphsAOTcrLqG9kOja2Wmr2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64018c29dd091a8b3c663469ea0547e6_JaffaCakes118

Files

64018c29dd091a8b3c663469ea0547e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60675bae0da6eeab7541a8e5ff3239bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GlobalUnlock
CreateEventW
FileTimeToSystemTime
HeapValidate
HeapReAlloc
HeapCreate
HeapFree
HeapAlloc
GetCurrentProcess
WriteConsoleW
lstrlenW
LCMapStringA
CloseHandle
MulDiv
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetProcAddress
VirtualAlloc
SetFilePointer
GetLastError
GlobalAlloc
QueryPerformanceFrequency
GlobalFree
OpenProcess
GetVersionExW
SetEnvironmentVariableA
IsBadReadPtr
GetModuleFileNameA
WriteFile
RtlUnwind
VirtualFree
LCMapStringW
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
WideCharToMultiByte
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount

user32

AppendMenuW
EmptyClipboard
BeginPaint
DestroyMenu
ValidateRect
SendMessageW
DestroyWindow
MapWindowPoints
FillRect
GetActiveWindow
CreatePopupMenu
GetSysColorBrush
InvalidateRect
DrawFrameControl
PostMessageW
SetWindowLongW
IsDialogMessageW

gdi32

AbortDoc
SetRectRgn
CombineRgn
EndDoc
GetDeviceCaps
SetAbortProc

wininet

InternetOpenW
HttpSendRequestW
HttpAddRequestHeadersW
InternetReadFile
InternetConnectW
InternetSetOptionW
InternetCloseHandle
HttpOpenRequestW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60675bae0da6eeab7541a8e5ff3239bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

wininet

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 336KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 336KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 2KB - Virtual size: 1KB