8708d7bb5f74d5f6665851c8fbcf8f0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8708d7bb5f74d5f6665851c8fbcf8f0a_JaffaCakes118
Size

430KB
MD5

8708d7bb5f74d5f6665851c8fbcf8f0a
SHA1

323158fccf2c91645826e25fef2d065ae311385b
SHA256

1ccbe7edc6b72cb6bc6ef5ed8ddc594505611187ec631b5f3a00a97448fb7276
SHA512

29c7a87a0d098a7d902c72f2a3ae30930e2abd977096e6d8784109c9d50cb03abb1b68d9f86c6edb20db363c9fd301ea9f5aba5d97fbba7dcc7197634d17e857
SSDEEP

12288:zXfC6qbWdBkZZx4i4LDB4siJ5tlGcL7O7F:7qikuFXB4Pt4cL7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8708d7bb5f74d5f6665851c8fbcf8f0a_JaffaCakes118

Files

8708d7bb5f74d5f6665851c8fbcf8f0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf836692b00471f0a7f41c0605e182d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
PageSetupDlgA
PrintDlgA

wininet

InternetConfirmZoneCrossingW
GetUrlCacheConfigInfoA
GopherGetAttributeW
IsUrlCacheEntryExpiredW
CommitUrlCacheEntryW
FindNextUrlCacheContainerA

user32

AnyPopup
IsIconic
TrackPopupMenu
DdeCreateStringHandleA
ToUnicode
DestroyMenu
SetMenuItemInfoW
CopyAcceleratorTableA
SendInput
GetDCEx
SetForegroundWindow
LoadStringA
SendNotifyMessageA
AppendMenuW
MapVirtualKeyExW
ChangeDisplaySettingsExW
GetScrollPos
GetKeyState
GetWindowTextW
GetUserObjectSecurity
GetDlgItem

kernel32

VirtualFree
HeapSize
GetFileSize
GetVersionExA
GetACP
TlsSetValue
ExitProcess
GlobalSize
FindAtomA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
HeapReAlloc
VirtualQuery
TlsAlloc
GetCurrentProcess
GetCPInfo
GetEnvironmentStringsW
GetCommandLineW
EnterCriticalSection
CreateEventW
SetConsoleCtrlHandler
GetFileType
IsDebuggerPresent
GetCommandLineA
GetTimeZoneInformation
GetTimeFormatA
VirtualAlloc
GetCurrentThread
GetDateFormatA
GetTickCount
GetStringTypeA
GetUserDefaultLCID
CompareStringW
MultiByteToWideChar
FreeLibrary
ReadConsoleInputA
CompareStringA
TerminateProcess
TlsGetValue
WriteFile
InterlockedDecrement
GetStartupInfoA
GetProcessHeap
GetCurrentThreadId
Sleep
GetStdHandle
RtlUnwind
HeapDestroy
LCMapStringA
GetModuleFileNameA
SetLastError
LeaveCriticalSection
HeapAlloc
LoadLibraryA
GetStringTypeW
GetModuleFileNameW
IsValidLocale
SetEnvironmentVariableA
GetCurrentProcessId
SetHandleCount
UnhandledExceptionFilter
QueryPerformanceCounter
GetEnvironmentStrings
DeleteCriticalSection
TlsFree
InterlockedIncrement
HeapCreate
GetLocaleInfoA
AddAtomW
WideCharToMultiByte
EnumSystemLocalesA
GetOEMCP
GetFullPathNameW
GetStartupInfoW
FreeEnvironmentStringsW
InitializeCriticalSection
GetLocaleInfoW
HeapFree
GetLastError
LCMapStringW
FreeEnvironmentStringsA
IsValidCodePage
GetModuleHandleA
InterlockedExchange
GetProcAddress
GlobalFree

advapi32

CryptEncrypt
CryptSetProviderA

shell32

DragQueryFileW
ShellExecuteA
SHGetSpecialFolderLocation
ExtractAssociatedIconW
InternalExtractIconListA

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf836692b00471f0a7f41c0605e182d8

Headers

File Characteristics

Imports

comdlg32

wininet

user32

kernel32

advapi32

shell32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 9KB - Virtual size: 15KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 9KB - Virtual size: 15KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 8KB - Virtual size: 8KB