677b90a84e7d27c0070ecd8dc730e202_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

677b90a84e7d27c0070ecd8dc730e202_JaffaCakes118
Size

443KB
MD5

677b90a84e7d27c0070ecd8dc730e202
SHA1

3b2d3e8aadcc25bc541d49fdf68f450908217735
SHA256

6118b9b6418fddf8342fb8b85d98d497ce0bd341dc6b16a81453f377236e27d1
SHA512

418e0d15f7fd9452f7a96257ed6f834a91cfd11ddbceaa3a0dfcd1a128344b1b7fdef7fa5b4e4e120eec176d50f16a84f24cd93e7faf31f01b7a141d8709943f
SSDEEP

6144:Tz9Qqdqbdb4yG5jbHtxU0+RworKH85s16dbg5o1NarrpF+5gZqGX6lNhV45f0ltx:tQCqbCTLH85s16dEiarv+f6Kvu5Uttq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
677b90a84e7d27c0070ecd8dc730e202_JaffaCakes118

Files

677b90a84e7d27c0070ecd8dc730e202_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0293a40a87b8535b224f43baeabf0159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
MoveFileExW
InitializeCriticalSection
SetConsoleCursorInfo
RtlUnwind
GetProcessHeap
CreateSemaphoreW
GetCurrentProcess
GetLastError
VirtualAlloc
IsDebuggerPresent
HeapCreate
HeapReAlloc
GetDateFormatA
LoadLibraryExA
GetCurrentThread
EnumSystemLocalesA
InterlockedIncrement
GetModuleFileNameA
FreeEnvironmentStringsW
GetOEMCP
ExitProcess
GetCPInfo
GetModuleFileNameW
VirtualFree
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetLocaleInfoA
EnterCriticalSection
GetTimeFormatA
QueryPerformanceCounter
SetLastError
LCMapStringW
lstrcatA
LCMapStringA
SetEnvironmentVariableA
DeleteCriticalSection
HeapAlloc
GetEnvironmentStringsW
HeapFree
WideCharToMultiByte
TlsSetValue
GetCurrentProcessId
LocalReAlloc
GetStartupInfoA
UnhandledExceptionFilter
MultiByteToWideChar
GetStringTypeW
CompareStringW
GetCommandLineA
GetStartupInfoW
FreeEnvironmentStringsA
TlsAlloc
LeaveCriticalSection
HeapDestroy
GetCompressedFileSizeW
TlsGetValue
TlsFree
Sleep
GlobalCompact
SetFileTime
IsValidLocale
WriteFile
EnumDateFormatsExA
CompareStringA
GetStringTypeA
GetProcAddress
GetCommandLineW
GetEnvironmentStrings
GlobalUnfix
HeapSize
InterlockedExchange
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetFileType
VirtualQuery
SetHandleCount
SetConsoleCtrlHandler
UnmapViewOfFile
InterlockedDecrement
GetCurrentThreadId
GetUserDefaultLCID
CreatePipe
TerminateProcess
GetACP
GetVersionExA
CreateDirectoryW
GetModuleHandleA
IsValidCodePage
GetLocaleInfoW
GetStdHandle
AddAtomW

wininet

HttpAddRequestHeadersW
DeleteUrlCacheEntryA
FreeUrlCacheSpaceA
InternetFortezzaCommand
InternetConnectA

shell32

SHGetSpecialFolderPathA
SHGetDesktopFolder
SHGetFileInfo
DragQueryPoint
FindExecutableW
SHQueryRecycleBinA
ShellHookProc
ShellExecuteExW
DragQueryFileAorW

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0293a40a87b8535b224f43baeabf0159

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 311KB - Virtual size: 334KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 311KB - Virtual size: 334KB

.rsrc
Size: 7KB - Virtual size: 6KB