a954e5e50eebc51ce64e6818de071405_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a954e5e50eebc51ce64e6818de071405_JaffaCakes118
Size

422KB
MD5

a954e5e50eebc51ce64e6818de071405
SHA1

e32ecd19efb2635fa9a08b1702f5a05fd54905d4
SHA256

d8aedcac47475b987cd4649f140aac92a82759568ac711be0f00e698e9b1be76
SHA512

1a4e8aac84620362245d808f5375acd602fedfcb753466381dc8c976e11455b913875870233068d01552af782a1fc20f3dc973db2ce950e4887f15a6aa33adf2
SSDEEP

6144:nBv8LGzes95tBpCyyZxWQ/Lh+VIeNfGvRQx5JEJ+QlxklkMsun2Ws1g:nBEqzeu5btyz9LKfGvZ+EkkL1g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a954e5e50eebc51ce64e6818de071405_JaffaCakes118

Files

a954e5e50eebc51ce64e6818de071405_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0cfeadbe741e9a543b69d90b65e7c3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

RetrieveUrlCacheEntryFileW
InternetGetLastResponseInfoA

kernel32

GetTickCount
LCMapStringA
GetConsoleTitleW
VirtualProtect
RtlUnwind
OpenMutexW
TlsSetValue
SetEnvironmentVariableA
FreeEnvironmentStringsA
MultiByteToWideChar
GetProfileSectionW
GetSystemTimeAsFileTime
GetFileType
GetCurrentThread
GetDateFormatA
ExitProcess
GetLocaleInfoW
lstrcmpiA
LocalShrink
TlsFree
SetLastError
GetEnvironmentStrings
TerminateProcess
GetUserDefaultLCID
LocalSize
LCMapStringW
GetStartupInfoA
VirtualQuery
EnumSystemLocalesA
GetModuleFileNameA
HeapCreate
InterlockedExchange
GetEnvironmentStringsW
EnterCriticalSection
GetWindowsDirectoryW
GetStdHandle
HeapReAlloc
GetStringTypeW
GetStringTypeA
SetConsoleTitleA
SetSystemTime
GetVersionExA
VirtualUnlock
TlsGetValue
HeapAlloc
HeapSize
SetHandleCount
GetCPInfo
LoadLibraryA
GetSystemDirectoryW
LeaveCriticalSection
GetCurrencyFormatW
InitializeCriticalSection
DeleteFiber
VirtualAlloc
HeapFree
WideCharToMultiByte
GetNumberFormatA
IsValidCodePage
GetLastError
GetSystemInfo
IsBadWritePtr
SetTimeZoneInformation
GetCurrentProcess
WriteFile
GetTimeZoneInformation
GetCurrentProcessId
GetCommandLineA
DeleteCriticalSection
GetACP
GetOEMCP
QueryPerformanceCounter
FlushInstructionCache
HeapDestroy
GetCurrentThreadId
CompareStringA
GetModuleHandleA
GetProcAddress
GetLocaleInfoA
TlsAlloc
SystemTimeToFileTime
VirtualFree
WriteProfileSectionW
UnhandledExceptionFilter
FreeEnvironmentStringsW
IsValidLocale
GetTimeFormatA
lstrcmpW
FindClose
CompareStringW
CommConfigDialogW

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0cfeadbe741e9a543b69d90b65e7c3f

Headers

File Characteristics

Imports

wininet

kernel32

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 7KB - Virtual size: 17KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 7KB - Virtual size: 17KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 7KB - Virtual size: 7KB