8de4b7074a9dc3954eef04682e883398_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8de4b7074a9dc3954eef04682e883398_JaffaCakes118
Size

174KB
MD5

8de4b7074a9dc3954eef04682e883398
SHA1

ee012ff8c5f859b4e29e6b6e7db4778afd3845cf
SHA256

5bf6c60891cc0126db8bbcc2a5c3eed00666c5cf09e22ed9a3b4e528ea021272
SHA512

ed9bbe3f4fb01e55a5944cf0922225b8c940fdb984a97bfe81162c10fdddfb93552873da9563d694ed43f897d2438f6b2371d60d125caadf1f9733733c4fb856
SSDEEP

3072:QDB1/U4carE3+8erRKbkXk0q12UL14SjJJs6LJqQziZoCLUpVPiEKJMNQ8b:QD/ndrms9K4F87jH1qma1JKQ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8de4b7074a9dc3954eef04682e883398_JaffaCakes118

Files

8de4b7074a9dc3954eef04682e883398_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fef8fbdfca8493224e19cb9053534b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetCurrentProcess
LoadLibraryW
CloseHandle
WriteFile
GetFileSize
SetFilePointer
CreateFileW
GetCurrentThread
SetTapePosition
FlushFileBuffers
LoadLibraryA
SetEvent
HeapReAlloc
VirtualAlloc
GetLastError
HeapAlloc
GetModuleFileNameA
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
RemoveDirectoryW
GetEnvironmentVariableW
GetShortPathNameW
GetProcAddress
CreateProcessW
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
UnhandledExceptionFilter
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoW
GetModuleHandleA
GetSystemTimeAsFileTime

user32

GetWindowLongW
CallWindowProcW
GetClassInfoExW
AppendMenuW
TrackPopupMenu
GetFocus
RegisterClassExW
SetFocus
SetWindowTextW
SendMessageW
CallNextHookEx
CheckDlgButton
GetIconInfo
IsDialogMessageW
GetCursorPos

gdi32

MoveToEx
LineTo
ExcludeClipRect
SetBkMode

wininet

HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetCrackUrlW
InternetOpenW
InternetQueryDataAvailable
InternetQueryOptionW
InternetReadFile
InternetSetOptionW
InternetWriteFile
HttpEndRequestW
InternetAttemptConnect
HttpSendRequestExW
HttpAddRequestHeadersW
InternetErrorDlg

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fef8fbdfca8493224e19cb9053534b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

wininet

Sections

.text Size: 72KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 333KB

.rsrc Size: 84KB - Virtual size: 83KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 72KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 333KB

.rsrc
Size: 84KB - Virtual size: 83KB

.reloc
Size: 10KB - Virtual size: 10KB