71495697ffe3d8d3765de370a8e652c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71495697ffe3d8d3765de370a8e652c4_JaffaCakes118
Size

604KB
MD5

71495697ffe3d8d3765de370a8e652c4
SHA1

dca5cdc4bdb2ae709031b9478a67febf70d8fe7c
SHA256

75a021fd8f92df8cd18d541ecd19b9a38850f6a52cd501f37455e50c4f3bec9d
SHA512

dbf569ca6b0cae6f632f7e1f50b157f013219e5eb717fe042566fa80c2a6c040614d31fcf5966374dc32417e27d3beaf6794fd448298705a5fde5f3765fae3b7
SSDEEP

12288:PEFI8m1S15CXFLkKFJOBXrIIw3cVMxNwTnrHSws0bt4IBOHVn:PEFKD3WPwMpTO8tU1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71495697ffe3d8d3765de370a8e652c4_JaffaCakes118

Files

71495697ffe3d8d3765de370a8e652c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8dfe0ab4e76016119b52ad36708c02d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetWriteFileExW
InternetGetCookieA
FtpRemoveDirectoryW
SetUrlCacheEntryGroup
InternetConfirmZoneCrossingA
FtpCreateDirectoryW
GetUrlCacheConfigInfoW
GetUrlCacheConfigInfoA
FtpOpenFileW
InternetQueryOptionW
FtpDeleteFileA
GetUrlCacheEntryInfoA
InternetGetCertByURLA
FindFirstUrlCacheEntryExW
InternetConnectA
RetrieveUrlCacheEntryStreamW
CommitUrlCacheEntryW
GopherOpenFileW
FindNextUrlCacheEntryW
UrlZonesDetach
FtpCommandA
HttpEndRequestW
InternetDialA
FtpGetCurrentDirectoryA
CommitUrlCacheEntryA

shell32

ExtractIconExA

user32

ModifyMenuW

gdi32

LineDDA
SetArcDirection
SetICMMode
GetKerningPairsA
GetEnhMetaFilePaletteEntries
SetTextCharacterExtra
MoveToEx
PlayMetaFileRecord
GetObjectW
GetMetaFileW
GetWinMetaFileBits
PtVisible
ResetDCA
WidenPath

kernel32

GetStringTypeA
SetSystemTime
GetLocaleInfoW
VirtualAlloc
GetUserDefaultLCID
WideCharToMultiByte
GetModuleFileNameA
DeleteCriticalSection
GetFileType
GetProcessHeap
LoadLibraryA
VirtualFree
TerminateProcess
EnumSystemLocalesA
InterlockedDecrement
FreeEnvironmentStringsA
RtlUnwind
CreateFileA
SetStdHandle
HeapReAlloc
IsValidCodePage
GetSystemTimeAsFileTime
GetModuleHandleA
MultiByteToWideChar
lstrlenA
SetFilePointer
ExitProcess
CloseHandle
LoadLibraryW
LeaveCriticalSection
LCMapStringA
RaiseException
FoldStringW
GetACP
VirtualQuery
SetUnhandledExceptionFilter
GetStartupInfoA
HeapSize
SetEnvironmentVariableA
TlsFree
TlsGetValue
UnhandledExceptionFilter
IsBadReadPtr
LoadLibraryExA
GetConsoleMode
SetLastError
GetCommandLineA
CompareStringW
InterlockedExchange
GetStdHandle
OutputDebugStringA
HeapValidate
GetProcAddress
DebugBreak
EnterCriticalSection
QueryPerformanceCounter
GetLastError
HeapAlloc
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
GetEnvironmentStrings
SetHandleCount
GetStringTypeW
GetTickCount
FreeLibrary
FlushFileBuffers
TlsAlloc
TlsSetValue
GetConsoleOutputCP
IsValidLocale
WriteConsoleW
HeapDestroy
WriteConsoleA
GetEnvironmentStringsW
GetThreadTimes
GetFileTime
WriteFile
GetConsoleCP
GetTimeFormatA
GetCurrentProcessId
SetConsoleCtrlHandler
Sleep
CompareStringA
GetCurrentProcess
GetCPInfo
InterlockedIncrement
CreateDirectoryExA
HeapCreate
HeapFree
GetCurrentThreadId
GetModuleHandleW
GetOEMCP
GetTimeZoneInformation
LCMapStringW
FreeEnvironmentStringsW
GetDateFormatA
GetModuleFileNameW
GetCurrentThread
GetLocaleInfoA

Sections

.text
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 350KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dfe0ab4e76016119b52ad36708c02d6

Headers

File Characteristics

Imports

wininet

shell32

user32

gdi32

kernel32

Sections

.text Size: 245KB - Virtual size: 244KB

.data Size: 350KB - Virtual size: 376KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 245KB - Virtual size: 244KB

.data
Size: 350KB - Virtual size: 376KB

.rsrc
Size: 8KB - Virtual size: 8KB