Static task: static1
Behavioral task: behavioral1
Sample: aed8bbd20370adbcc3677561e06a09bd_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: aed8bbd20370adbcc3677561e06a09bd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: aed8bbd20370adbcc3677561e06a09bd_JaffaCakes118
Size: 516KB
MD5: aed8bbd20370adbcc3677561e06a09bd
SHA1: 73cbd5faa39523bb136c5339a84ff724c8cac81f
SHA256: 5f9a8cc2565f238fe2752a0835170e67ebd0c64bbd7bb958c8d48883a61a3a5f
SHA512: bcf00896a4ef827b9ffb724156985c29d5eac17c7d04c3c5e4c6863cb99bef9b95b5a94e717a846e43ab2210df2b8e93681de072f6c9fe7a5b03cf721f039cb4
SSDEEP: 12288:Gcxm3qw7+jaFdBFNSNc0tgyAHiRVXRlJ+2:Gc03o8ILCyAHMRRlg2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aed8bbd20370adbcc3677561e06a09bd_JaffaCakes118
Files
aed8bbd20370adbcc3677561e06a09bd_JaffaCakes118.exe windows:4 windows x86 arch:x86
f720bb6c290a0deba753a25d61e0ea7b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetClassNameA
GetAsyncKeyState
DdeImpersonateClient
CharLowerBuffW
GetSubMenu
RegisterClassExA
SetUserObjectInformationA
LoadMenuW
DialogBoxParamW
CharUpperBuffA
LoadCursorFromFileA
GetLastActivePopup
RegisterClassA
HideCaret
GetMenuContextHelpId
GetThreadDesktop
ChildWindowFromPoint
DefFrameProcA
PostMessageA
LoadImageW
GetMessageA
MonitorFromRect
LoadStringW
RealGetWindowClass
CopyAcceleratorTableW
DispatchMessageA
kernel32
LoadLibraryA
GetProcAddress
FlushFileBuffers
TlsSetValue
GetOEMCP
GetStdHandle
GetLastError
IsValidCodePage
GetModuleFileNameW
GetEnvironmentStrings
GetUserDefaultLCID
GetModuleHandleA
RtlUnwind
VirtualAlloc
LCMapStringA
SetFilePointer
GetCPInfo
GetCurrentThreadId
GetTickCount
HeapFree
GetLocaleInfoW
GetLocaleInfoA
GetTimeFormatA
IsBadWritePtr
GetSystemInfo
OpenMutexA
GetEnvironmentStringsW
InterlockedExchange
GetStartupInfoW
VirtualProtect
MultiByteToWideChar
GetStartupInfoA
lstrcatW
TlsGetValue
GetCurrentThread
WideCharToMultiByte
DeleteCriticalSection
CompareStringA
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TerminateProcess
HeapAlloc
GetCurrentProcessId
GetDateFormatA
EnumSystemLocalesA
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
TlsFree
HeapSize
CloseHandle
FreeEnvironmentStringsW
WriteFile
GetModuleFileNameA
HeapReAlloc
HeapCreate
IsValidLocale
GetTimeZoneInformation
HeapDestroy
GetStringTypeW
GetVersionExA
EnterCriticalSection
VirtualFree
SetEnvironmentVariableA
SetStdHandle
ExitProcess
GetFileType
TlsAlloc
InitializeCriticalSection
SetHandleCount
SetLastError
CreateMutexA
GetCurrentProcess
ReadFile
GlobalGetAtomNameW
FreeEnvironmentStringsA
GetStringTypeA
UnhandledExceptionFilter
VirtualQuery
LeaveCriticalSection
GetACP
comdlg32
PrintDlgA
LoadAlterBitmap
ChooseColorW
ChooseFontA
comctl32
InitCommonControlsEx
shell32
SHFileOperationW
ShellExecuteW
ExtractAssociatedIconExW
wininet
FtpGetFileSize
InternetCrackUrlW
InternetTimeToSystemTimeW
InternetSetCookieA
InternetTimeFromSystemTimeA
Sections
.text Size: 185KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 314KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ