Static task: static1
Behavioral task: behavioral1
Sample: 7403540f3a47d22e10d00f2b818ada4a_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 7403540f3a47d22e10d00f2b818ada4a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 7403540f3a47d22e10d00f2b818ada4a_JaffaCakes118
Size: 401KB
MD5: 7403540f3a47d22e10d00f2b818ada4a
SHA1: 4d1e4a5612d65b6c9a3d150f6e47854f21f05449
SHA256: 08c4c8d6f82cf7a68e87e09b382bf3a5fa6bad0a8636f7833e24433abedf2243
SHA512: 760f6f9e1fbd9b48539ebd4f8f061cb571836aa3c0d5553a428dea72b626bb8c2ad386b7511f47b1b06164b157b66e3bb861adf7e49677d6b579ce74f8771489
SSDEEP: 12288:i2888sJ2JT6hxfLYPa1SrrDiSU/ItKuHJ:x8WJ+UfMS1SeSolu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7403540f3a47d22e10d00f2b818ada4a_JaffaCakes118
Files
7403540f3a47d22e10d00f2b818ada4a_JaffaCakes118.exe windows:4 windows x86 arch:x86
a7aad01de68e8f3c61e6ca8b72e821c9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
RegisterUrlCacheNotification
InternetSecurityProtocolToStringA
HttpQueryInfoA
FindNextUrlCacheGroup
RetrieveUrlCacheEntryFileW
HttpOpenRequestA
IncrementUrlCacheHeaderData
InternetQueryOptionW
InternetConnectA
UpdateUrlCacheContentPath
FtpGetFileW
InternetCombineUrlA
SetUrlCacheConfigInfoA
InternetSetOptionW
InternetDial
DeleteUrlCacheContainerA
InternetCrackUrlW
FtpCreateDirectoryW
InternetGoOnlineW
InternetGetLastResponseInfoW
shell32
SheGetDirA
ShellAboutW
ShellExecuteExA
SHGetDesktopFolder
SHGetInstanceExplorer
SHGetSpecialFolderPathA
SHInvokePrinterCommandW
FindExecutableA
RealShellExecuteExA
SHGetSettings
ExtractAssociatedIconExA
ShellExecuteW
SHGetSpecialFolderPathW
InternalExtractIconListW
RealShellExecuteExW
DragQueryFileW
SHGetFileInfoA
SHGetPathFromIDListA
DragQueryFileAorW
SHEmptyRecycleBinW
ExtractAssociatedIconA
DuplicateIcon
advapi32
RegSetValueExA
RegEnumKeyW
LookupAccountSidW
CreateServiceW
CryptEnumProvidersA
CryptContextAddRef
CryptDecrypt
CryptImportKey
RegConnectRegistryA
RegReplaceKeyA
RegQueryValueExA
RegOpenKeyW
RegCreateKeyExW
CryptGetUserKey
CreateServiceA
CryptGetProvParam
CryptAcquireContextA
RegSetValueW
RegEnumKeyExA
CryptVerifySignatureA
DuplicateTokenEx
LookupSecurityDescriptorPartsA
RegConnectRegistryW
comdlg32
GetSaveFileNameA
ChooseFontW
GetOpenFileNameA
FindTextA
PageSetupDlgA
GetSaveFileNameW
kernel32
ExitThread
ReadConsoleInputA
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
QueryPerformanceCounter
EnumResourceNamesA
GetCurrentProcess
LocalFree
GetTickCount
GetModuleFileNameA
HeapFree
GetVolumeInformationA
LoadLibraryA
SetFileTime
InterlockedExchange
FindResourceExA
TerminateProcess
SetComputerNameA
lstrlenW
VirtualAlloc
VirtualQuery
GetCurrentThreadId
HeapReAlloc
GetCurrentProcessId
RtlUnwind
ContinueDebugEvent
GetModuleHandleA
FreeEnvironmentStringsA
PulseEvent
OpenMutexA
GetProcAddress
UnlockFile
Sections
.text Size: 126KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 264KB - Virtual size: 264KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ