88c17808ccf86a33d234676c833dc320_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

88c17808ccf86a33d234676c833dc320_JaffaCakes118
Size

547KB
MD5

88c17808ccf86a33d234676c833dc320
SHA1

ae03bcd355a035212c92081028c99d7a62a6d0a8
SHA256

1b557375608b3c94177aadf695767c1e501c94ab8c80c899594632e24ecbcfcb
SHA512

b5bd9220a1dc8284fbfff7bc3101cb30be02db9953fded50e522f6a47c0cf0aa937adf0cc9053e673c4979974bd086c211c6623332c7e7db002d1f46cbc0a8e7
SSDEEP

12288:4z4+3QWxD4395T0yYqComYeKTIC6U1wxIHLjqWOcpMrceLFB+aSQ:7+AWxDEbTPCVKsi102qWjBeLb+aSQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88c17808ccf86a33d234676c833dc320_JaffaCakes118

Files

88c17808ccf86a33d234676c833dc320_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a17c5808cbf50cadc87370fdc254b63f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

CreateUrlCacheEntryA

user32

GetDlgItem
GetWindowTextLengthW
CharUpperW
DefWindowProcA
RegisterClassA
RegisterClassExA
WINNLSGetIMEHotkey

comdlg32

ChooseFontW
ReplaceTextW

kernel32

GetUserDefaultLCID
GetComputerNameW
WriteFile
OpenMutexA
HeapCreate
WriteConsoleW
GetSystemInfo
GetDateFormatA
GetStdHandle
GetEnvironmentStrings
TlsSetValue
AddAtomA
EnterCriticalSection
TerminateProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetStringTypeA
IsValidCodePage
CloseHandle
VirtualProtect
LoadLibraryA
WideCharToMultiByte
HeapDestroy
RtlUnwind
SetFilePointer
GetSystemTimeAdjustment
LCMapStringW
GetProcAddress
SetStdHandle
HeapAlloc
GetStringTypeW
GetCommandLineA
TlsGetValue
SetLastError
QueryPerformanceCounter
GetCurrentThread
InitializeCriticalSection
IsBadWritePtr
GetModuleFileNameA
HeapSize
GetDiskFreeSpaceExA
TransmitCommChar
GetOEMCP
InterlockedIncrement
CompareStringA
VirtualQuery
InterlockedExchange
GetVersionExA
lstrcmp
HeapFree
EnumSystemCodePagesA
GlobalGetAtomNameA
TlsFree
GetThreadPriorityBoost
LeaveCriticalSection
GlobalAddAtomA
InitializeCriticalSectionAndSpinCount
VirtualFree
FreeEnvironmentStringsW
WriteFileEx
MultiByteToWideChar
CreateMutexA
GetCurrentProcess
FindFirstFileExA
SetHandleCount
GetLastError
CompareStringW
GetStartupInfoA
EnumSystemLocalesA
GetExitCodeThread
UnhandledExceptionFilter
ReadFile
ExitProcess
GetCurrentThreadId
VirtualAlloc
GetLocaleInfoA
GlobalSize
GetTickCount
GetFullPathNameA
GetEnvironmentStringsW
IsValidLocale
LCMapStringA
DeleteCriticalSection
SetEnvironmentVariableA
GetWindowsDirectoryW
GetTimeFormatA
FindResourceExW
GetTimeZoneInformation
GetACP
FreeEnvironmentStringsA
TlsAlloc
GetThreadPriority
GetConsoleTitleA
GetModuleHandleA
GetFileType
FlushFileBuffers
GetLocaleInfoW
HeapReAlloc
EnumDateFormatsW

comctl32

InitCommonControlsEx

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a17c5808cbf50cadc87370fdc254b63f

Headers

File Characteristics

Imports

wininet

user32

comdlg32

kernel32

comctl32

Sections

.text Size: 178KB - Virtual size: 177KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 356KB - Virtual size: 355KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 356KB - Virtual size: 355KB

.rsrc
Size: 4KB - Virtual size: 4KB