b26ce1eec51ea655d2fb650f5412d145_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b26ce1eec51ea655d2fb650f5412d145_JaffaCakes118
Size

405KB
MD5

b26ce1eec51ea655d2fb650f5412d145
SHA1

af0ce0604b3bd6f919a01de6a991b2db0a98eb47
SHA256

8209c79e5744590e2f593044507afb93e015024a610ee093ba95134e486b3df7
SHA512

b885a688509a123a374340d0511c6b6bb28219345dd1f555f8bbafd7d8c3eb36f705b63761695020db927bfd56e3ac175ff588ca26947d321ebcd51a125c1a59
SSDEEP

12288:bXByYXBnTBHN7ZTWybWQTTQHqt2EHeS1D7F6:bXByYXBnTBHtZTW0bTkHqt22v4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b26ce1eec51ea655d2fb650f5412d145_JaffaCakes118

Files

b26ce1eec51ea655d2fb650f5412d145_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c752dcd671c71db388b41f17c65b4daf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryPoint
ShellAboutW

user32

UnloadKeyboardLayout
UnhookWindowsHookEx
ClipCursor
GetMenuInfo
GetSubMenu
SetScrollInfo
GetDlgItemTextA

kernel32

TlsAlloc
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeA
FreeEnvironmentStringsW
GetLastError
SetLastError
InterlockedExchange
GetCurrentThread
VirtualAlloc
ExitProcess
TlsGetValue
HeapCreate
GetCPInfo
GetStringTypeW
GetCurrentThreadId
HeapDestroy
LCMapStringA
GetSystemTimeAsFileTime
GetModuleFileNameA
QueryPerformanceCounter
SetHandleCount
TlsSetValue
GetACP
FindResourceW
LoadLibraryA
InitializeCriticalSection
GetEnvironmentStringsW
VirtualQuery
RtlUnwind
HeapAlloc
GetStartupInfoA
HeapFree
WideCharToMultiByte
GetModuleHandleA
VirtualFree
GetCurrentProcess
GetProcAddress
WriteFile
GetEnvironmentStrings
TerminateProcess
GetStdHandle
lstrlenA
LCMapStringW
GetTickCount
GetVersion
GetCommandLineA
LeaveCriticalSection
FreeEnvironmentStringsA
GetFileType
GetCurrentProcessId
IsBadWritePtr
TlsFree
UnhandledExceptionFilter
EnterCriticalSection
GetOEMCP
HeapReAlloc

comdlg32

FindTextW
PageSetupDlgW

wininet

ReadUrlCacheEntryStream
HttpSendRequestExA
SetUrlCacheConfigInfoW
GetUrlCacheGroupAttributeA
InternetHangUp
FindFirstUrlCacheGroup
FtpFindFirstFileW
InternetQueryDataAvailable
InternetGetLastResponseInfoA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c752dcd671c71db388b41f17c65b4daf

Headers

File Characteristics

Imports

shell32

user32

kernel32

comdlg32

wininet

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 3KB - Virtual size: 14KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 3KB - Virtual size: 14KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 4KB - Virtual size: 4KB