96cb5a309b59dc2405d8454274cbbc20_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96cb5a309b59dc2405d8454274cbbc20_JaffaCakes118
Size

498KB
MD5

96cb5a309b59dc2405d8454274cbbc20
SHA1

72abe66d7011e5f00546d0e76547f0bf64e6eb89
SHA256

c3929da3004081e1ac6be775eb61d5e4a7e7a43189a1e6900aa8455b03ebc987
SHA512

f376481202dbd3a830d43c77a5ff6bb45a2963e331a06c3bf8e4f5aa6e3c14c2a0e8018ee1b8117bbda5f391dcef240b83d49d161fa85b1c2a88da62dd16148d
SSDEEP

12288:KzWM3zQsWYmdQClny0g4lahbA+9rDurepZ:KzWM30AtMtTEh0cVp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96cb5a309b59dc2405d8454274cbbc20_JaffaCakes118

Files

96cb5a309b59dc2405d8454274cbbc20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

300b0169e225e53ac202d9edb4d37982

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontW
ChooseFontA

wininet

InternetShowSecurityInfoByURLA
InternetDialA
CommitUrlCacheEntryA
InternetHangUp
InternetQueryOptionA
SetUrlCacheEntryGroupW

advapi32

InitiateSystemShutdownA
RegQueryInfoKeyW
CryptGetDefaultProviderA
RegDeleteValueW

shell32

SHGetSpecialFolderLocation

user32

DragObject
RegisterClipboardFormatW
RegisterClassA
RegisterClassExA
GetClassInfoExA

kernel32

MultiByteToWideChar
GetProcessHeap
GetProcAddress
SetEnvironmentVariableA
GetStartupInfoW
QueryPerformanceCounter
GetModuleHandleA
GetFileType
GetSystemTimeAsFileTime
GetProcessHeaps
GetCurrencyFormatA
GlobalFindAtomA
LeaveCriticalSection
LocalFree
GetCommandLineA
LoadLibraryA
InterlockedExchange
GetModuleFileNameA
lstrcpynW
WideCharToMultiByte
DeleteCriticalSection
GetTickCount
TlsGetValue
TlsAlloc
GetSystemInfo
LCMapStringA
IsBadWritePtr
TlsFree
GetACP
WriteFile
InitializeCriticalSection
GetTimeZoneInformation
GetEnvironmentStringsW
HeapFree
SetFilePointer
FreeEnvironmentStringsA
GetModuleFileNameW
ExitProcess
CreateEventA
SetHandleCount
CompareStringW
CreateMutexA
GetTimeFormatA
VirtualProtect
VirtualFree
EnumSystemLocalesA
VirtualQuery
EnterCriticalSection
HeapReAlloc
GetCurrentProcessId
GetUserDefaultLCID
GetCommandLineW
TerminateProcess
WritePrivateProfileStringW
GetPrivateProfileIntA
GetLastError
RtlUnwind
GetLocaleInfoW
HeapSize
GlobalAddAtomA
CompareStringA
CreateFileW
GetVersionExA
FreeEnvironmentStringsW
ReadFile
GetEnvironmentStrings
GetCurrentThreadId
GetCurrentProcess
HeapAlloc
FlushFileBuffers
GetStringTypeA
TlsSetValue
EnumResourceTypesW
GetStartupInfoA
GetCurrentThread
IsValidLocale
SetStdHandle
UnhandledExceptionFilter
OpenMutexA
CloseHandle
GetLocaleInfoA
HeapDestroy
GetOEMCP
SetLastError
GetDateFormatA
IsValidCodePage
GetStdHandle
LCMapStringW
RemoveDirectoryW
GetStringTypeW
VirtualAlloc
GetCPInfo
HeapCreate
SetSystemTime

comctl32

InitCommonControlsEx

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

300b0169e225e53ac202d9edb4d37982

Headers

File Characteristics

Imports

comdlg32

wininet

advapi32

shell32

user32

kernel32

comctl32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 8KB - Virtual size: 20KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 8KB - Virtual size: 20KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 11KB - Virtual size: 11KB