Static task: static1
Behavioral task: behavioral1
Sample: 64525b7c2b16ecb55e286fc11d266abb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 64525b7c2b16ecb55e286fc11d266abb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 64525b7c2b16ecb55e286fc11d266abb_JaffaCakes118
Size: 232KB
MD5: 64525b7c2b16ecb55e286fc11d266abb
SHA1: 34c51798dcbe7c0ea7c56649e68d8da5aa209766
SHA256: ab29bbcecece3e2e70244fbb13954bf9125f55a1ca27ee6ace974dbce13b3f2b
SHA512: 3a0ccb4d85c1eacc5dba8084d40488867c3b0509f2a589f2672bcc3583d66d48f2595b593a9ae21fc9171b77942492c933501e0f058d6b1eebe72dc9e277f707
SSDEEP: 6144:Z0dZfOKPhgjovLt5vAKrb5qZHNRrxDLXWYa0EY6f:Z8fOCXLrhgZHNXLGj3Y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64525b7c2b16ecb55e286fc11d266abb_JaffaCakes118
Files
64525b7c2b16ecb55e286fc11d266abb_JaffaCakes118.exe windows:4 windows x86 arch:x86
ab3df8db6de56859bc05abbf21ed0feb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
GetFileType
VirtualFree
GetDateFormatA
RtlUnwind
LCMapStringA
GetCurrentThread
GetCurrentProcess
HeapSize
VirtualAlloc
WriteFile
TlsSetValue
HeapReAlloc
GetUserDefaultLCID
EnterCriticalSection
GetTimeZoneInformation
GetOEMCP
WideCharToMultiByte
GetModuleFileNameA
GetStartupInfoW
IsValidLocale
ExitProcess
GetStringTypeW
IsValidCodePage
MultiByteToWideChar
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSection
GetModuleFileNameW
SetLastError
QueryPerformanceCounter
DeleteCriticalSection
TlsFree
GetCPInfo
VirtualQuery
GetCurrentThreadId
GetLocaleInfoW
HeapAlloc
HeapCreate
HeapFree
CompareStringA
TerminateProcess
GetCurrentProcessId
GetCommandLineW
LCMapStringW
IsBadWritePtr
OpenWaitableTimerA
SetHandleCount
GetLocaleInfoA
GetSystemInfo
LeaveCriticalSection
GetStartupInfoA
TlsGetValue
VirtualProtect
FreeEnvironmentStringsA
GetEnvironmentStrings
GetModuleHandleA
EnumSystemLocalesA
GetStringTypeA
GetCommandLineA
CompareStringW
HeapDestroy
GetACP
FreeEnvironmentStringsW
GetLastError
SetEnvironmentVariableA
GetProcAddress
GetTimeFormatA
GetVersionExA
GetEnvironmentStringsW
UnhandledExceptionFilter
InterlockedExchange
TlsAlloc
wininet
InternetGetCertByURLA
InternetCheckConnectionA
HttpAddRequestHeadersA
GopherGetAttributeA
InternetQueryDataAvailable
InternetTimeToSystemTimeA
SetUrlCacheEntryInfoW
FindCloseUrlCache
InternetQueryOptionA
InternetGetLastResponseInfoW
FindFirstUrlCacheEntryA
SetUrlCacheEntryGroup
InternetErrorDlg
FtpGetCurrentDirectoryA
ShowSecurityInfo
GetUrlCacheEntryInfoExW
FindFirstUrlCacheEntryW
CreateUrlCacheEntryW
FtpCommandW
InternetSetOptionW
ShowClientAuthCerts
ShowX509EncodedCertificate
GopherGetAttributeW
FindFirstUrlCacheEntryExA
GopherCreateLocatorW
advapi32
LookupAccountNameW
CryptDuplicateKey
CryptAcquireContextA
LookupAccountSidW
RegDeleteKeyA
CryptEnumProvidersW
CryptDeriveKey
LookupPrivilegeValueA
RegEnumKeyW
CryptSetProviderExA
CryptDestroyHash
RegEnumKeyExW
RegEnumValueA
CryptImportKey
ReportEventA
Sections
.text Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ