859465c5fac9b1cde7a1b0ff898e2e07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

859465c5fac9b1cde7a1b0ff898e2e07_JaffaCakes118
Size

706KB
MD5

859465c5fac9b1cde7a1b0ff898e2e07
SHA1

28c1f6367974a310f942374245508456fb37902b
SHA256

99c8a405c240c9261ad5050fdf6132d9476ebae4ba061ac0fe655997a27f5b0d
SHA512

41076a407a667fc7d62e3fd092ea26ffd812f217d40968b4e4d3ee61eccc8d6733e358a5254b2a9fa9657d42d36dc7dadea5b7bfc14eb091475b185082d63511
SSDEEP

12288:YobgmM1Y2cXO0zWLP3D8jp1K0AnEod/p6pkg3Zj3V:YfwkA7JA3xp6pZj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859465c5fac9b1cde7a1b0ff898e2e07_JaffaCakes118

Files

859465c5fac9b1cde7a1b0ff898e2e07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91cc83d7be148f8ba5c2afc3599b1779

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
ReplaceTextW
GetOpenFileNameA
GetFileTitleA

comctl32

InitCommonControlsEx

kernel32

SetCurrentDirectoryW
TlsGetValue
UnhandledExceptionFilter
OpenMutexA
GetOEMCP
GetLocaleInfoW
TlsFree
IsValidCodePage
GetACP
CloseHandle
GetEnvironmentStrings
GetStartupInfoA
VirtualFree
GetStdHandle
CompareStringA
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThread
QueryPerformanceCounter
TlsAlloc
GetTimeFormatA
LCMapStringA
GetFileType
ExitProcess
GetSystemInfo
SetEnvironmentVariableA
RtlUnwind
HeapCreate
MultiByteToWideChar
SetConsoleWindowInfo
SetLastError
GetTimeZoneInformation
SetStdHandle
DeleteFileA
GetModuleFileNameA
IsValidLocale
GetLocaleInfoA
GetStartupInfoW
GetVersionExA
GetModuleFileNameW
GetStringTypeA
GetPriorityClass
TerminateProcess
RaiseException
FreeEnvironmentStringsW
GetThreadSelectorEntry
FindClose
WriteFile
HeapDestroy
WideCharToMultiByte
CreateMutexA
HeapFree
GetCurrentProcess
FlushFileBuffers
HeapAlloc
EnumSystemLocalesA
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetDateFormatA
GetCPInfo
CompareStringW
GetCurrentThreadId
GetProcAddress
GetCommandLineA
ReadFile
LeaveCriticalSection
GetUserDefaultLCID
SystemTimeToFileTime
SetHandleCount
HeapSize
GetProcessHeap
GetCurrentProcessId
VirtualAlloc
VirtualProtect
HeapReAlloc
GetCommandLineW
GetStringTypeW
SetFilePointer
GetLastError
GetTickCount
GetModuleHandleA
WriteConsoleOutputW
IsBadWritePtr
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
TlsSetValue
LoadLibraryA
InterlockedExchange
CreateThread
VirtualQuery
TerminateThread
LCMapStringW
SetThreadContext

advapi32

LogonUserW
LookupPrivilegeDisplayNameA

shell32

SHBrowseForFolderA
ShellExecuteW
SHGetMalloc

user32

EndDialog
InSendMessageEx
RegisterClassA
RegisterClassExA

wininet

InternetSetDialState
HttpSendRequestW
FindCloseUrlCache
FtpGetCurrentDirectoryA
FreeUrlCacheSpaceA

Sections

.text
Size: 522KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91cc83d7be148f8ba5c2afc3599b1779

Headers

File Characteristics

Imports

comdlg32

comctl32

kernel32

advapi32

shell32

user32

wininet

Sections

.text Size: 522KB - Virtual size: 521KB

.rdata Size: 49KB - Virtual size: 61KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 522KB - Virtual size: 521KB

.rdata
Size: 49KB - Virtual size: 61KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 20KB - Virtual size: 20KB