679551afcba3aa25f3cdfbb45cc02d2a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

679551afcba3aa25f3cdfbb45cc02d2a_JaffaCakes118
Size

262KB
MD5

679551afcba3aa25f3cdfbb45cc02d2a
SHA1

7eaee3139a11e018ac01e4faa241626de03c2166
SHA256

2a5f8841cd8edc99906666715a487992f326fd7b8d763e0ee77174043fa87901
SHA512

98afd981ca6a810c55358af9f6d6a715ee1d15a554996b0b96aaa87adba52790908d070c16ffbb6997adf895919cf75d554d1b2e8cd7a93fb141428ac4284932
SSDEEP

6144:9bm2449pQ4rxQX9q9gNmfWACBMOhF+DIxurljMT:QA9pQ4SogNmf6BFyDLrlIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
679551afcba3aa25f3cdfbb45cc02d2a_JaffaCakes118

Files

679551afcba3aa25f3cdfbb45cc02d2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1aeede42d78e479f7351936065c7d03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

ReadFile
HeapAlloc
GetModuleFileNameW
GetSystemTime
GlobalHandle
GetCPInfo
TlsSetValue
InterlockedIncrement
GetEnvironmentStringsW
CreateMutexA
GetVersion
GetEnvironmentStrings
TlsFree
WriteFile
GetModuleFileNameA
TlsGetValue
GetLocalTime
TlsAlloc
RtlUnwind
DeleteCriticalSection
FreeEnvironmentStringsA
CompareStringW
GetLogicalDrives
LoadModule
QueryPerformanceCounter
GetCommandLineW
GetStringTypeW
GetTickCount
CompareStringA
SetTimeZoneInformation
IsBadWritePtr
GetStartupInfoW
GetFileType
MultiByteToWideChar
SetEnvironmentVariableA
EnterCriticalSection
FreeEnvironmentStringsW
SetLastError
UnhandledExceptionFilter
GetCurrentThreadId
CloseHandle
LeaveCriticalSection
GetStdHandle
LCMapStringA
GetStartupInfoA
GetCommandLineA
LoadLibraryA
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
VirtualQuery
GetProcAddress
VirtualAlloc
MapViewOfFile
HeapReAlloc
InitializeCriticalSection
GetTimeZoneInformation
GetStringTypeA
HeapDestroy
HeapCreate
TerminateProcess
FlushFileBuffers
GetLastError
VirtualFree
LCMapStringW
SetHandleCount
GetModuleHandleA
GetCurrentThread
InterlockedExchange
SetStdHandle
OpenMutexA
ExitProcess
InterlockedDecrement
WideCharToMultiByte
SetFilePointer
GetCurrentProcess

wininet

InternetGoOnline
HttpQueryInfoA
InternetQueryFortezzaStatus
InternetFindNextFileW
RetrieveUrlCacheEntryStreamA

user32

SetSysColors
TrackMouseEvent
GetKeyboardLayoutNameW
DlgDirSelectComboBoxExA
MapVirtualKeyW
DrawFrameControl
RegisterClassA
DispatchMessageW
ShowOwnedPopups
RegisterClassExA
IsCharUpperW
CreateWindowStationW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1aeede42d78e479f7351936065c7d03

Headers

File Characteristics

Imports

comctl32

kernel32

wininet

user32

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 4KB - Virtual size: 12KB

.data Size: 143KB - Virtual size: 143KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 4KB - Virtual size: 12KB

.data
Size: 143KB - Virtual size: 143KB

.rsrc
Size: 6KB - Virtual size: 6KB