71928b3a5f35353990a5455ba7582ce6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71928b3a5f35353990a5455ba7582ce6_JaffaCakes118
Size

636KB
MD5

71928b3a5f35353990a5455ba7582ce6
SHA1

a5ae3aabb3746a0383aa554978a3659284dc1164
SHA256

347b2e9cc1d8ba479198ddc11b664c576ad9c66cd3118823acc41332cd05b004
SHA512

370f2537edfd8ca9f0bd4505c01a8ad52cc3666964198e34e089db9ca1638eabc26f62848cf75a010dbb2327efcf0efc364925544116f7fed6824b808d470bf3
SSDEEP

12288:d+twmH3OZBrjVXoxDdyrwsG1iHF+GWhSQv6z3s8ZksS2sFmgA/CFa6ep5vh:ewmH+VoxDdyY1iHF+9hSI6z3JZpSrmA4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71928b3a5f35353990a5455ba7582ce6_JaffaCakes118

Files

71928b3a5f35353990a5455ba7582ce6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31634f2fce2ef59b0782df4f4ab8c25d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfo
DoEnvironmentSubstW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA

wininet

GetUrlCacheConfigInfoA
FtpGetCurrentDirectoryA

comctl32

ImageList_GetImageInfo
InitCommonControlsEx

kernel32

GetACP
VirtualQuery
IsValidLocale
SetLastError
GetVersionExA
GetDateFormatA
HeapDestroy
GetEnvironmentStringsW
InitializeCriticalSection
GetModuleFileNameW
IsValidCodePage
GetStringTypeA
QueryPerformanceCounter
GetNumberFormatW
EnterCriticalSection
HeapSize
LoadLibraryA
GetComputerNameA
TlsAlloc
SetEnvironmentVariableA
CompareStringA
FindResourceW
VirtualAlloc
InterlockedExchange
SetConsoleTitleW
GetFileType
GetCurrentThread
GetLastError
SetStdHandle
TlsFree
GetCurrentProcessId
TlsGetValue
GetUserDefaultLCID
GetCurrentProcess
GetStdHandle
GetLocaleInfoW
GetCommandLineW
VirtualProtect
LCMapStringA
CopyFileExA
GetStartupInfoA
GetTimeFormatA
GetProcAddress
OpenMutexA
LeaveCriticalSection
InterlockedDecrement
HeapFree
GetStartupInfoW
GetStringTypeW
GetEnvironmentStrings
ReadFile
VirtualFree
TerminateProcess
FreeEnvironmentStringsW
GetLocaleInfoA
HeapCreate
CompareStringW
MultiByteToWideChar
GetProfileStringW
RtlUnwind
GetCurrentThreadId
WideCharToMultiByte
WriteFile
GetModuleHandleA
EnumSystemLocalesA
GetCPInfo
IsBadWritePtr
GetSystemInfo
GetTimeZoneInformation
HeapAlloc
GetSystemTimeAsFileTime
GetOEMCP
GlobalAddAtomW
GetWindowsDirectoryW
UnhandledExceptionFilter
GetCommandLineA
GetTickCount
FreeEnvironmentStringsA
HeapReAlloc
ExitProcess
TlsSetValue
CloseHandle
FlushFileBuffers
SetHandleCount
LCMapStringW
FindResourceA
CreateMutexA
SetFilePointer
GlobalFix
DeleteCriticalSection
GetModuleFileNameA

user32

DdeCreateStringHandleW
RealGetWindowClass
ShowWindow
SetMenuContextHelpId
DestroyMenu
LoadAcceleratorsA
SetMessageExtraInfo
EnumDesktopsW
DragObject
SetRect
GetTopWindow
TileChildWindows
DdeSetUserHandle
SetWindowsHookW
GetFocus
DeleteMenu
GetUserObjectSecurity
VkKeyScanA
RegisterClassExA
RemovePropW
DestroyWindow
DefWindowProcA
RegisterClassA
CharUpperW
DrawEdge
GetSysColorBrush
CharPrevExA
MessageBoxW
AppendMenuA
CreateWindowExA
MonitorFromRect
GetMenuItemRect
CreateIconFromResource
GetKeyNameTextA

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31634f2fce2ef59b0782df4f4ab8c25d

Headers

File Characteristics

Imports

shell32

wininet

comctl32

kernel32

user32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 112KB - Virtual size: 121KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 112KB - Virtual size: 121KB

.rsrc
Size: 28KB - Virtual size: 25KB