ad869e771a34c689587b6aaab4cf94ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad869e771a34c689587b6aaab4cf94ae_JaffaCakes118
Size

503KB
MD5

ad869e771a34c689587b6aaab4cf94ae
SHA1

30e73c3d25eb2b0ce441aa101de7161fc0ae0110
SHA256

033a95b3537cff46f048e409546d723e180340fba2479fe3a6571e71496fb5a4
SHA512

69e9724e281ef1954c4fde617026174c4c3e41139fc5e68c8098d3f7ec5a82d8bd9678ccc7bd1a8df4c7edbf02c6643df5c60b2975a30a7575534ac7704c36de
SSDEEP

12288:HpeExndYWQ1suI+J6Ec4vyG1pCI/ZrmdK+7iIwvi:JecdYWnufI8r3CE+OIwvi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad869e771a34c689587b6aaab4cf94ae_JaffaCakes118

Files

ad869e771a34c689587b6aaab4cf94ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f396e8767b4e71a21c9b0e3159b62e38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA
GetFileTitleW
FindTextA
ChooseColorA

shell32

CommandLineToArgvW

wininet

UnlockUrlCacheEntryFile
InternetGetConnectedStateExW

kernel32

lstrcatA
FreeEnvironmentStringsW
GetLastError
GetModuleHandleA
IsValidLocale
OpenMutexA
CreateMutexA
ExitProcess
lstrlenW
VirtualQuery
QueryPerformanceCounter
GetEnvironmentStrings
GetLocaleInfoW
GetTimeFormatA
HeapSize
WriteFile
CompareStringW
MultiByteToWideChar
SetFilePointer
IsValidCodePage
HeapFree
GetWindowsDirectoryW
SetStdHandle
GetSystemTimeAsFileTime
LeaveCriticalSection
GetDateFormatA
GetModuleFileNameA
GetACP
EnterCriticalSection
GetStdHandle
GetSystemDirectoryW
DeleteCriticalSection
GetSystemInfo
UnhandledExceptionFilter
SetFileAttributesW
FindNextChangeNotification
VirtualAlloc
InitializeCriticalSection
GetCurrentThreadId
LCMapStringW
TlsAlloc
RtlUnwind
ReadFile
GetOEMCP
GetLocaleInfoA
FindClose
GetTickCount
TlsSetValue
TerminateProcess
GetConsoleMode
CreateWaitableTimerW
GetStartupInfoA
CompareStringA
GetStringTypeW
TlsGetValue
SetEnvironmentVariableA
VirtualFree
GetCommandLineW
LoadLibraryA
EnumSystemLocalesA
GetUserDefaultLCID
GetEnvironmentStringsW
GetStringTypeA
GetVersionExA
VirtualProtect
GetCommandLineA
SetConsoleCursorInfo
GetCPInfo
ReleaseMutex
HeapDestroy
CloseHandle
InterlockedExchange
HeapCreate
GetProcessHeaps
GetModuleFileNameW
IsBadWritePtr
GetProcAddress
WideCharToMultiByte
SetVolumeLabelA
GetTempFileNameW
TlsFree
GetCurrentProcessId
GetTimeZoneInformation
HeapAlloc
GetFileType
FlushFileBuffers
FreeEnvironmentStringsA
GetCurrentThread
GetStartupInfoW
SetLastError
SetHandleCount
WriteConsoleOutputCharacterW
GetCurrentProcess
HeapReAlloc
LCMapStringA

comctl32

InitCommonControlsEx

user32

OpenWindowStationA
RegisterClassA
RegisterClassExA

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f396e8767b4e71a21c9b0e3159b62e38

Headers

File Characteristics

Imports

comdlg32

shell32

wininet

kernel32

comctl32

user32

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 8KB - Virtual size: 34KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 8KB - Virtual size: 34KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 11KB - Virtual size: 10KB