af8c5f35afd7ab2fad2c82da8792c319_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

af8c5f35afd7ab2fad2c82da8792c319_JaffaCakes118
Size

444KB
MD5

af8c5f35afd7ab2fad2c82da8792c319
SHA1

7e6c3ff91980271005763400f4401e4391c3cbdf
SHA256

811fa90675bccdecf91f8dcbd50c22f20e744e68b94315630d576a78a53235e3
SHA512

dfdbe50669ef10d410e4b2f75521f6ee2f900a5c6e275141ccb0a0abf63bb944cd5f49357c0adff9de9d94962622e46c78ec170c8829d8811182cef20ecb763e
SSDEEP

12288:gbtO12Vu/Ej0N7F5O5t37ft835RdcJEercZ:YU2VgEU7Q37QdcJxr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af8c5f35afd7ab2fad2c82da8792c319_JaffaCakes118

Files

af8c5f35afd7ab2fad2c82da8792c319_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea3a51d5bf317791b3fa32271db5a4dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
ReplaceTextA
GetSaveFileNameW
ChooseFontW

user32

SetClassLongW
EnumDisplaySettingsExW
IsMenu
DlgDirSelectExA
BlockInput
DrawStateW
ChangeDisplaySettingsA
GetTabbedTextExtentA
GetNextDlgGroupItem
CloseWindowStation
CharNextA
DrawAnimatedRects
IsCharUpperW
ClientToScreen
DdeConnect
DeferWindowPos

wininet

InternetFindNextFileW
InternetFindNextFileA
GetUrlCacheConfigInfoW
CreateUrlCacheContainerW
InternetReadFileExA
GetUrlCacheEntryInfoExW
InternetDialA
FtpFindFirstFileW
InternetTimeToSystemTimeA

gdi32

PolylineTo
EnumFontFamiliesExW
GetTextCharacterExtra
InvertRgn
GetBitmapBits
GetBkMode
ExtCreatePen
CreateDCW
GetBoundsRect
SetColorAdjustment
GetWindowExtEx

kernel32

GetStartupInfoW
GetACP
GetTickCount
TerminateProcess
GlobalLock
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThread
IsValidCodePage
GetStartupInfoA
GetStdHandle
LCMapStringA
VirtualFree
SetFileAttributesW
TlsGetValue
FreeEnvironmentStringsA
GetModuleHandleA
QueryPerformanceCounter
EnterCriticalSection
GetEnvironmentStrings
GetTimeFormatA
HeapAlloc
GetProcessHeap
EnumSystemLocalesA
TlsFree
SetConsoleOutputCP
SetConsoleCtrlHandler
HeapReAlloc
HeapSize
RtlUnwind
WideCharToMultiByte
HeapCreate
GetCommandLineW
FreeLibrary
GetProcAddress
DeleteCriticalSection
GetConsoleOutputCP
LoadLibraryA
InterlockedIncrement
GetLocaleInfoW
GetCurrentProcess
TlsAlloc
SetHandleCount
HeapFree
InterlockedExchange
GetModuleFileNameW
TlsSetValue
GetStringTypeW
CompareStringW
GetFileType
GetLastError
WriteFile
GetCommandLineA
GetDateFormatA
GetProcAddress
GetCurrentThreadId
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcessId
LeaveCriticalSection
SetLastError
GetStringTypeA
SetSystemTime
GetUserDefaultLCID
VirtualAlloc
SetEnvironmentVariableA
InterlockedDecrement
InitializeCriticalSection
GetEnvironmentStringsW
GetOEMCP
VirtualQuery
GetLocaleInfoA
GetCPInfo
GetTimeZoneInformation
MultiByteToWideChar
IsDebuggerPresent
CompareStringA
GetModuleFileNameA
LCMapStringW
ExitProcess
SetConsoleWindowInfo
GetVersionExA
HeapDestroy
Sleep
IsValidLocale

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea3a51d5bf317791b3fa32271db5a4dc

Headers

File Characteristics

Imports

comdlg32

user32

wininet

gdi32

kernel32

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 9KB - Virtual size: 24KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 9KB - Virtual size: 24KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 11KB - Virtual size: 10KB