8b1563a9bf3d41ea5c88454ca706e286_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b1563a9bf3d41ea5c88454ca706e286_JaffaCakes118
Size

763KB
MD5

8b1563a9bf3d41ea5c88454ca706e286
SHA1

195f2a97718c8103c088775fb67d91a712695570
SHA256

a41ef14a7300fde6de4171a5c08b09584ae2543fff7bdb86928e49a1da5351ad
SHA512

8b8c47f699d114005ae9c6b674acab9e604314e41c61292f1d6aac609b36ca91782c96f3b08f8ebc45d7ec0d283b68cff388a52f9c9007c3f0362827dde62a30
SSDEEP

12288:2VL2pCezU3NDHFHytljrDy4a1txPVcK7YMbFaQybeX2x8v9bMhZ/E9QG/5i8:RBkL1KtrO4GxNcWYMhLybu2+v9b4tG/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b1563a9bf3d41ea5c88454ca706e286_JaffaCakes118

Files

8b1563a9bf3d41ea5c88454ca706e286_JaffaCakes118
.exe windows:5 windows x86 arch:x86

76aadce2f2b999d38267eaba424d6e6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
Shell_NotifyIconW

rpcrt4

RpcBindingFromStringBindingW
RpcStringFreeW
RpcImpersonateClient
RpcBindingFree

msvcrt

__set_app_type

ole32

WriteFmtUserTypeStg

comdlg32

GetOpenFileNameA
PrintDlgA

wininet

FtpSetCurrentDirectoryW

kernel32

lstrcmpiW
FindNextFileW
CloseHandle
GlobalAlloc
FindClose
GetModuleFileNameW
CreateEventW
SetLastError
GlobalLock
LoadResource
FlushFileBuffers
GetFullPathNameW
HeapAlloc
GetThreadLocale
GetStringTypeExW
FindResourceW
MulDiv
GlobalUnlock
GetFileAttributesW
HeapFree
WideCharToMultiByte
GetProcessHeap
LockResource
CopyFileW
lstrlenA
ResetEvent
FormatMessageW
Sleep
GetVersionExW
SetFilePointer
GetLastError
GetSystemInfo
SizeofResource
HeapReAlloc
DeleteFileW
CreateProcessW
GlobalFree
MoveFileW
GlobalSize
GetShortPathNameW
WriteFile
GetFileAttributesA
VirtualAlloc
lstrcpyA
ReadFile
lstrlenW
FindFirstFileW
GetUserDefaultLCID
WaitForSingleObject

user32

CopyRect
GetActiveWindow
GetClassNameW
SetDlgItemTextW
GetMenuStringW
SetFocus
IsDialogMessageW
DrawTextW
SetScrollRange
DeferWindowPos
CreateDialogParamW
IsWindowVisible
PostQuitMessage
EndPaint
GetCursorPos

ws2_32

WSAGetLastError

Sections

.data
Size: 415KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76aadce2f2b999d38267eaba424d6e6d

Headers

DLL Characteristics

File Characteristics

Imports

shell32

rpcrt4

msvcrt

ole32

comdlg32

wininet

kernel32

user32

ws2_32

Sections

.data Size: 415KB - Virtual size: 2.0MB

.rsrc Size: 164KB - Virtual size: 164KB

.text Size: 107KB - Virtual size: 106KB

.reloc Size: 512B - Virtual size: 24B

.rdata Size: 74KB - Virtual size: 74KB

.data
Size: 415KB - Virtual size: 2.0MB

.rsrc
Size: 164KB - Virtual size: 164KB

.text
Size: 107KB - Virtual size: 106KB

.reloc
Size: 512B - Virtual size: 24B

.rdata
Size: 74KB - Virtual size: 74KB