7ce93e540de95b4153b953b9070d6f36_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7ce93e540de95b4153b953b9070d6f36_JaffaCakes118
Size

396KB
MD5

7ce93e540de95b4153b953b9070d6f36
SHA1

2909fe83cc2754daa8223c40e0f9d2cc8291ee4f
SHA256

ffb5d8c941c81435ec6998e1edb72a0c3224158a87451975ecd201c11bdb4b85
SHA512

814a003b80a107582721be7a21903f31104b9d0499a4a233508c28601ac21c94c52c87c63f7411798aef838cb0b7cb7a59b208b1289fa1bbfed96af6330b0fe2
SSDEEP

12288:pli+DBCYyRl9iIgMw6T+etB7T2B5ZTzFxOUgx:9yGTxOUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7ce93e540de95b4153b953b9070d6f36_JaffaCakes118

Files

7ce93e540de95b4153b953b9070d6f36_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dd23c53e3614726b94b2b3a33dc920d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindNextUrlCacheEntryExW

clusapi

GetClusterFromResource

kernel32

GetFileTime
VirtualQueryEx
GetConsoleCP
Module32Next
GetFileAttributesA
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetACP
VirtualQuery
FindFirstFileExW
SetLastError
GetCommandLineA
GetVersionExA
GetStartupInfoA
HeapAlloc
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
OutputDebugStringA
LoadLibraryExA
InitializeCriticalSection
GetCPInfo
GetOEMCP
Sleep
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
TerminateProcess
GetCurrentProcess
VirtualProtect
GetSystemInfo

shell32

ExtractIconA

gdi32

GetFontData
GetCurrentPositionEx
DescribePixelFormat

user32

EqualRect

advapi32

EnumServicesStatusExW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd23c53e3614726b94b2b3a33dc920d2

Headers

DLL Characteristics

File Characteristics

Imports

wininet

clusapi

kernel32

shell32

gdi32

user32

advapi32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 100KB - Virtual size: 98KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 100KB - Virtual size: 98KB