Static task
static1
Behavioral task
behavioral1
Sample
a10d3ba88edfe75c752822e68545b5f7_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a10d3ba88edfe75c752822e68545b5f7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: a10d3ba88edfe75c752822e68545b5f7_JaffaCakes118
Size: 2.1MB
MD5: a10d3ba88edfe75c752822e68545b5f7
SHA1: 5459b4652ae2a5f58af07f2b3a715a9ccdc082f3
SHA256: 72a38f4d7e40d8f8dc5c9d468b34a4624ca2546844a374ed3ba545308281edba
SHA512: 5147b1bf0a2663cb85ba268b67745183e4485fde3a4f7f9855e381cb64223be8e596841d5a265385a5e8e72caa0d59a14f70954acda9cb3265423986d17489ac
SSDEEP: 49152:Ddc3PFQYC7GfeObN0cA0F+gHxLSWFx6NAwK23qhv8du2h7s8w:+/FQG2GaZS/FPmQ6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a10d3ba88edfe75c752822e68545b5f7_JaffaCakes118
Files
a10d3ba88edfe75c752822e68545b5f7_JaffaCakes118.exe windows:4 windows x86 arch:x86
7d418afa69bce4b7e94d365d31276b1d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
GetStringTypeA
GetCurrentThread
VirtualQuery
GetEnvironmentStringsW
GetCommandLineW
RtlUnwind
WriteFile
TlsGetValue
FlushViewOfFile
EnterCriticalSection
WideCharToMultiByte
LoadLibraryA
TlsFree
HeapAlloc
GetLocaleInfoA
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
SetLastError
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetFileType
GetCPInfo
GetLastError
GetCurrentProcessId
InterlockedExchange
GetACP
GetStartupInfoW
GetCommandLineA
CompareStringA
TerminateProcess
LCMapStringA
GetStdHandle
GetTimeFormatA
CompareStringW
SetFilePointer
EnumSystemLocalesA
OpenMutexA
FindNextChangeNotification
VirtualProtect
ExitProcess
GetSystemInfo
GetEnvironmentStrings
UnhandledExceptionFilter
LCMapStringW
GetComputerNameA
CreateMutexA
GetAtomNameA
IsValidLocale
HeapSize
VirtualFree
GetModuleHandleA
GetProcAddress
TlsSetValue
SetHandleCount
TlsAlloc
MultiByteToWideChar
HeapReAlloc
SetEnvironmentVariableA
GetModuleFileNameW
GetVersionExA
GetTimeZoneInformation
InitializeCriticalSection
GetCurrentThreadId
VirtualAlloc
GetOEMCP
LeaveCriticalSection
GetStringTypeW
QueryPerformanceCounter
GetCurrentProcess
GetTickCount
lstrcpyW
GetLocaleInfoW
FreeEnvironmentStringsA
IsValidCodePage
IsBadWritePtr
CloseHandle
SetThreadAffinityMask
ReadFile
DeleteCriticalSection
GetUserDefaultLCID
LocalUnlock
GetDateFormatA
FlushFileBuffers
SetStdHandle
user32
ShowWindow
BroadcastSystemMessageA
InSendMessage
GetClassNameA
CheckDlgButton
MessageBoxW
RegisterClassA
SendMessageTimeoutW
GetKeyNameTextW
IsIconic
ExcludeUpdateRgn
DlgDirListW
GetDlgItem
InvertRect
GetWindowTextA
RegisterClassExA
CreateWindowExA
GetTopWindow
CharPrevExA
TranslateAccelerator
SetMenu
ToAscii
SetForegroundWindow
wininet
InternetTimeFromSystemTimeA
InternetGoOnlineW
FtpRemoveDirectoryW
InternetCrackUrlW
GetUrlCacheGroupAttributeW
FindFirstUrlCacheEntryExW
FtpPutFileEx
FtpRenameFileA
HttpEndRequestA
comctl32
InitCommonControlsEx
ImageList_Write
gdi32
SetMagicColors
ColorCorrectPalette
GetBkColor
GetRandomRgn
Sections
.text Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 74KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ