a39b30d72901fd187f235576d35e61ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a39b30d72901fd187f235576d35e61ba_JaffaCakes118
Size

390KB
MD5

a39b30d72901fd187f235576d35e61ba
SHA1

4148377827a03e722be975793e2003aaab52aaad
SHA256

7874bd343916c814d9664a14125c3e80810b4b5506b4736dbfb3ea23f53b33b1
SHA512

b80ea7ae34a1ff1b8cb9a1a01a7aa6509afeb79fd1316400ba7f4ec5a2b9c7811f2e129eeb720331735fff8389dc343ed45f944c1e46073a414dff9dbca73ae9
SSDEEP

6144:go/h/fK+3s2VAxRORhu0dcP2XWH+ySFqwn3qKR8GCC7hcJeHiqarzXOuUE:PVyd2QcRPG2GH+3QwnaQMuhcJSyXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a39b30d72901fd187f235576d35e61ba_JaffaCakes118

Files

a39b30d72901fd187f235576d35e61ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcae28b747ae00ff5d94c841e98f804b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetWriteFileExA
InternetSetCookieA
InternetCanonicalizeUrlA
GetUrlCacheGroupAttributeW
IsUrlCacheEntryExpiredW

kernel32

GetCurrentThread
UnhandledExceptionFilter
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
GetVolumeInformationW
MultiByteToWideChar
GetOEMCP
GetCPInfo
GetCommandLineA
GetVersion
GetTickCount
GetLongPathNameA
GetCurrentThreadId
EnterCriticalSection
GetProfileStringA
LCMapStringA
HeapLock
WriteFile
HeapCreate
FreeEnvironmentStringsW
VirtualFree
GetACP
WritePrivateProfileStringW
SetHandleCount
HeapDestroy
DeleteCriticalSection
GetCurrentProcess
TlsGetValue
TlsFree
IsBadWritePtr
VirtualQuery
WriteConsoleW
InitializeCriticalSection
HeapReAlloc
TlsSetValue
RtlUnwind
GetLastError
InterlockedExchange
LeaveCriticalSection
GetEnvironmentStrings
GetCurrentProcessId
GetModuleHandleA
FindNextFileW
LocalCompact
CompareStringW
TerminateProcess
WideCharToMultiByte
SetLastError
VirtualAlloc
FreeEnvironmentStringsA
EnumTimeFormatsW
GetStringTypeA
GetEnvironmentStringsW
GetWindowsDirectoryW
IsValidCodePage
TlsAlloc
HeapAlloc
GetStartupInfoA
lstrlenA
GetSystemTimeAsFileTime
WriteConsoleOutputA
CreateWaitableTimerA
GetPrivateProfileSectionA
LoadLibraryA
HeapFree
LCMapStringW
GetStringTypeW
QueryPerformanceCounter
GetProcAddress
GetModuleFileNameA

advapi32

CreateServiceA
LogonUserA

user32

CallWindowProcA
IsCharAlphaA
OemKeyScan
WindowFromDC
OpenWindowStationA

shell32

SHLoadInProc
SHBrowseForFolder

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcae28b747ae00ff5d94c841e98f804b

Headers

File Characteristics

Imports

wininet

kernel32

advapi32

user32

shell32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 29KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 29KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 12KB - Virtual size: 11KB