b4479ce8ed701047c15cb2c0e22e8abd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4479ce8ed701047c15cb2c0e22e8abd_JaffaCakes118
Size

357KB
MD5

b4479ce8ed701047c15cb2c0e22e8abd
SHA1

f584d651b927f1f675cdee32de67dfebfe7bdf81
SHA256

f07cc57e126a23541a6595cd23accf36005d5c292f8af431fa839c6e15426958
SHA512

31db304df45f59090cc624e809710083d119a2cf68614b0ef54575648d50d599eff33d320110af51637584677046a08fc9dcf6d7945eabb12e780f2426893c7f
SSDEEP

6144:lbVgPx94sYNMtzwcpGexhQKFU5QtC/i12FQDi0JhtbNeHpjuPUo7yXJBFC:pGPgsEMZwYGiQKFNMPQDi0JzkzoiJB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4479ce8ed701047c15cb2c0e22e8abd_JaffaCakes118

Files

b4479ce8ed701047c15cb2c0e22e8abd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

750059a2fcb1526926c86cb0eafa3cb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolder
DragQueryFileA
ExtractIconA

wininet

GopherGetAttributeA
HttpCheckDavCompliance
ResumeSuspendedDownload

gdi32

EnumFontFamiliesExA
SetWindowExtEx
GetLogColorSpaceW
MoveToEx
GetEnhMetaFileA
GetTextFaceA
GetCurrentObject
SetBkColor
GetNearestPaletteIndex
CreateDIBitmap
EndPath
GetAspectRatioFilterEx
GetCharWidth32A
GetSystemPaletteUse
CombineTransform
AbortPath
EqualRgn
SetDIBColorTable
PatBlt
FloodFill
UpdateICMRegKeyA
CreateColorSpaceW
GetMetaFileA
CreatePenIndirect

user32

RegisterClassExA
RegisterClassA
InSendMessageEx

comctl32

InitCommonControlsEx

kernel32

GetEnvironmentStrings
SetEndOfFile
SetHandleCount
GetTimeFormatA
GetLocaleInfoA
GetTickCount
GetCommandLineA
GetEnvironmentStringsW
GetSystemInfo
LCMapStringA
WriteFile
TlsSetValue
ReadFile
ReadConsoleA
HeapAlloc
GetDateFormatA
EnumSystemLocalesA
GetLastError
SetEnvironmentVariableA
GetCurrentProcess
GetStringTypeW
RtlUnwind
VirtualAlloc
CompareStringA
GetVersionExA
GetOEMCP
HeapSize
MultiByteToWideChar
OpenSemaphoreW
DeleteCriticalSection
ExitProcess
GetStartupInfoA
TlsAlloc
GetStdHandle
GetCurrentThreadId
GetLocaleInfoW
GetCPInfo
GetTimeZoneInformation
GlobalHandle
LeaveCriticalSection
IsValidCodePage
FlushFileBuffers
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetUserDefaultLCID
IsValidLocale
GetCurrentThread
EnterCriticalSection
IsBadWritePtr
CompareStringW
VirtualFree
WideCharToMultiByte
LoadLibraryA
InterlockedExchange
CreateMutexA
VirtualQuery
HeapDestroy
TerminateProcess
InitializeCriticalSection
UnhandledExceptionFilter
GetModuleFileNameA
QueryPerformanceCounter
GetStringTypeA
GetModuleHandleA
TlsGetValue
SetLastError
GetCurrentProcessId
HeapCreate
HeapFree
CloseHandle
TlsFree
SetFilePointer
SetStdHandle
HeapReAlloc
VirtualProtect
LCMapStringW
GetProcAddress
GetACP
GetFileType
OpenMutexA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

750059a2fcb1526926c86cb0eafa3cb0

Headers

File Characteristics

Imports

shell32

wininet

gdi32

user32

comctl32

kernel32

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 8KB - Virtual size: 17KB

.data Size: 205KB - Virtual size: 205KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 8KB - Virtual size: 17KB

.data
Size: 205KB - Virtual size: 205KB

.rsrc
Size: 8KB - Virtual size: 7KB