73a1ed1484449ee7fabd60be3b0aa058_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73a1ed1484449ee7fabd60be3b0aa058_JaffaCakes118
Size

485KB
MD5

73a1ed1484449ee7fabd60be3b0aa058
SHA1

008ba19be30a21a1b65187b5d8550d6830dfbb06
SHA256

c8a24027cc03f0a1709c0be425054bc089dc39e601bf55f72ea13cb7ab31876b
SHA512

da9ab6178b44a24462c1596bde1d9c266afe1bfabdc7711ac12729463fb0b6d94a7f79635764d738452a9d76b103dcca17ed3f814ff481b4bf0b93fc5215d46b
SSDEEP

12288:YWhKekIlD+Qg1LPiSKyNyJZ2A5WDHEviT0+Fug:OeN+DaSKVJZ22WbxTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a1ed1484449ee7fabd60be3b0aa058_JaffaCakes118

Files

73a1ed1484449ee7fabd60be3b0aa058_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a065c80c653c03ed192ccb95e7449843

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\efst\iau

Imports

wininet

InternetOpenUrlW
FindFirstUrlCacheEntryExA
SetUrlCacheHeaderData
FtpGetFileSize
InternetShowSecurityInfoByURLW

user32

CreateAcceleratorTableA
RegisterClassExA
RegisterClassA

kernel32

GetEnvironmentStringsW
GetOEMCP
GetCurrentProcess
SetEnvironmentVariableA
GetLastError
GetTickCount
GetCurrentThreadId
GetProfileIntA
GetStdHandle
GetEnvironmentStrings
IsValidLocale
FreeEnvironmentStringsA
InterlockedExchange
GetCurrentProcessId
MultiByteToWideChar
GetDateFormatA
SetHandleCount
GetCurrentThread
GetModuleHandleA
GetModuleFileNameA
EnumCalendarInfoExW
VirtualFree
GetUserDefaultLCID
QueryPerformanceCounter
UnhandledExceptionFilter
IsBadWritePtr
EnumResourceNamesW
TlsSetValue
GetCommandLineA
GetSystemTimeAsFileTime
GetCommandLineW
CompareStringA
EnumSystemCodePagesA
EnumSystemLocalesA
SetLastError
HeapCreate
GetTimeFormatA
TlsAlloc
LCMapStringW
WideCharToMultiByte
GetStringTypeA
GetSystemInfo
GetLocaleInfoW
GetFileType
TlsGetValue
CloseHandle
TerminateProcess
EnterCriticalSection
GetLocaleInfoA
InitializeCriticalSection
GlobalHandle
GetStringTypeW
RtlUnwind
GetStartupInfoW
HeapAlloc
HeapSize
GetProcAddress
ReleaseSemaphore
SetStdHandle
LeaveCriticalSection
CompareStringW
IsValidCodePage
VirtualQuery
FreeEnvironmentStringsW
HeapFree
VirtualProtect
VirtualAlloc
GetCPInfo
LoadLibraryA
GetACP
HeapDestroy
TlsFree
ReadFile
LCMapStringA
WriteFile
EnumResourceTypesW
GetStartupInfoA
FlushFileBuffers
GetModuleFileNameW
SetComputerNameW
GetTimeZoneInformation
DeleteCriticalSection
ExitProcess
SetFilePointer
HeapReAlloc
EnumSystemCodePagesW
OpenMutexA
GetVersionExA
CreateMutexA

comctl32

InitCommonControlsEx

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a065c80c653c03ed192ccb95e7449843

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

kernel32

comctl32

Sections

.text Size: 350KB - Virtual size: 350KB

.rdata Size: 14KB - Virtual size: 21KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 350KB - Virtual size: 350KB

.rdata
Size: 14KB - Virtual size: 21KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 16KB - Virtual size: 15KB