82744b7d27da45a70dce6d6b1f57bf4b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82744b7d27da45a70dce6d6b1f57bf4b_JaffaCakes118
Size

464KB
MD5

82744b7d27da45a70dce6d6b1f57bf4b
SHA1

f09b597415290d4d140652c685e2f11ae035ea84
SHA256

1ef19509120c6eca2cbc840957e060a2fd6864934612c999343757e149df7553
SHA512

a02deb867d60e32d53cbe8bdab4e25795a9ef0c68844ede00d9a83dfa98d0fd07b43e10be4d9a7915b3ce2e787a0895bc449ff5e0263b258a5022bca999963a1
SSDEEP

12288:L6HPtg0g5mvKRoAQIgE/Az9aFyhUZ2Yx3KbpAsr:LWFg0g5mlBIN/AxaFog32r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82744b7d27da45a70dce6d6b1f57bf4b_JaffaCakes118

Files

82744b7d27da45a70dce6d6b1f57bf4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8516a83afb7bb3792b282d66fc8f57ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetTimeZoneInformation
GetDriveTypeA
Sleep
GetStartupInfoA
DeleteCriticalSection
HeapAlloc
LoadLibraryA
TlsGetValue
LeaveCriticalSection
VirtualFree
GetNamedPipeHandleStateW
CompareStringW
GetCommandLineW
TlsAlloc
TlsFree
GetCPInfo
GetStringTypeA
GetStringTypeW
SetThreadPriority
SetLastError
GetEnvironmentStringsW
GetTimeFormatA
GetFileType
SetEnvironmentVariableA
HeapCreate
UnhandledExceptionFilter
GetStdHandle
GetProcAddress
EnumSystemLocalesA
GetStartupInfoW
HeapFree
GetStringTypeExA
GetEnvironmentStrings
GetPrivateProfileStructW
HeapDestroy
VirtualQuery
LCMapStringW
WriteFile
SetConsoleCtrlHandler
GetCommandLineA
InitializeCriticalSection
TlsSetValue
GetProcessHeap
HeapReAlloc
LCMapStringA
ExitProcess
EnterCriticalSection
CompareStringA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleA
GetLocaleInfoW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
SetHandleCount
WideCharToMultiByte
GetDateFormatA
GetModuleFileNameW
GetCurrentProcessId
GetModuleFileNameA
IsValidCodePage
GetCurrentThread
ContinueDebugEvent
GetTickCount
GetVersionExA
FreeLibrary
GetLocaleInfoA
SetUnhandledExceptionFilter
MultiByteToWideChar
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
InterlockedExchange
IsValidLocale
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GlobalCompact
GetUserDefaultLCID
HeapSize

comdlg32

GetFileTitleW
ChooseColorA
ReplaceTextW
FindTextW
FindTextA
GetSaveFileNameA
PageSetupDlgA
GetSaveFileNameW
PrintDlgA
GetOpenFileNameA
ChooseColorW
GetOpenFileNameW

gdi32

CreateHalftonePalette
PtInRegion
SetStretchBltMode
DeleteObject
FlattenPath
CreateScalableFontResourceA
SetMetaRgn
SetEnhMetaFileBits
GetStockObject
CreateDIBitmap
DeviceCapabilitiesExW
GetViewportExtEx
CreateColorSpaceW
AbortDoc
SwapBuffers
SelectClipPath
EnumFontFamiliesW
GetCharWidthFloatA
RealizePalette
CopyMetaFileW
FrameRgn

wininet

SetUrlCacheConfigInfoA
GetUrlCacheGroupAttributeW
InternetOpenUrlW
GetUrlCacheEntryInfoA
ShowX509EncodedCertificate
InternetSetCookieW
HttpQueryInfoW
InternetGoOnline
IsUrlCacheEntryExpiredA
UnlockUrlCacheEntryFileA
InternetCrackUrlW
InternetCheckConnectionW
HttpAddRequestHeadersW
DeleteUrlCacheEntry
InternetQueryOptionW
SetUrlCacheEntryGroupW
FtpPutFileEx

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8516a83afb7bb3792b282d66fc8f57ad

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

wininet

Sections

.text Size: 171KB - Virtual size: 171KB

.data Size: 276KB - Virtual size: 300KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 171KB - Virtual size: 171KB

.data
Size: 276KB - Virtual size: 300KB

.rsrc
Size: 15KB - Virtual size: 14KB