b631f8e32eb43a6d659df5aca4f90cac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b631f8e32eb43a6d659df5aca4f90cac_JaffaCakes118
Size

406KB
MD5

b631f8e32eb43a6d659df5aca4f90cac
SHA1

a5fdbb971fe7074578553c7438e308e55f89e4ae
SHA256

9ff837270a9c4d88b18f12ad17ea3b6dd45b9af269d6733b62603f015b62925a
SHA512

69893a5578bc19a6ee7dbb23093eeb0686c18e36d209200d7416d456b082d4f96900598faf25a59b695ff83b1714f2b18e6fb887fcc8fa9a5ca8a66075e6b0fb
SSDEEP

6144:P+jIDYeVB5i0qrDb2FgXgBoz8JMr6ALb60wOEXjCijidfr9lj88LDkJB244dN:P7Ni72FgXz8SmQPwHXm7xDjL2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b631f8e32eb43a6d659df5aca4f90cac_JaffaCakes118

Files

b631f8e32eb43a6d659df5aca4f90cac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8ae6c6c597ae15289a8cf878b9313c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconExW
CommandLineToArgvW
RealShellExecuteExW
SHBrowseForFolderA

user32

CreateCaret
IsIconic
CreateMenu
BroadcastSystemMessage
ReleaseDC
GrayStringA
EnableScrollBar
IsClipboardFormatAvailable
ShowScrollBar
CheckMenuItem
SendMessageA
GetFocus
IsWindowVisible
GetWindowPlacement
DrawTextExW
GetClassLongA
wsprintfW
GetPriorityClipboardFormat
wsprintfA
ValidateRect
DefFrameProcW

wininet

SetUrlCacheConfigInfoW
InternetSetCookieW
FtpGetCurrentDirectoryA
GetUrlCacheConfigInfoA
ShowClientAuthCerts
GetUrlCacheGroupAttributeA
UpdateUrlCacheContentPath
InternetSetDialStateW

kernel32

GetACP
TlsSetValue
GetProcAddress
GetCurrentProcess
SetLastError
GetCurrentThreadId
GetFullPathNameW
HeapAlloc
GetEnvironmentStrings
GetModuleFileNameA
GetStringTypeA
LCMapStringW
GetStringTypeW
UnhandledExceptionFilter
TlsGetValue
HeapFree
LoadLibraryA
GetStartupInfoA
InterlockedExchange
SetHandleCount
TlsAlloc
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
LCMapStringA
SetLocaleInfoW
GetCommandLineA
FreeEnvironmentStringsA
WritePrivateProfileStringA
GetCurrentProcessId
GetThreadPriorityBoost
RtlUnwind
ExitProcess
GetEnvironmentStringsW
EnterCriticalSection
AddAtomA
GetVersion
LeaveCriticalSection
OpenSemaphoreW
TlsFree
GetStdHandle
WideCharToMultiByte
GetFileType
InitializeCriticalSection
GetLastError
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetOEMCP
FreeEnvironmentStringsW
HeapCreate
DeleteCriticalSection
VirtualFree
WriteFile
TerminateProcess
IsBadWritePtr
GetSystemTimeAsFileTime
VirtualQuery
WriteConsoleA
GetCPInfo
HeapDestroy
GetModuleHandleA

comdlg32

GetFileTitleA
FindTextW
ReplaceTextW

gdi32

SetColorAdjustment
GetRandomRgn
IntersectClipRect
GetCharacterPlacementA
DeleteDC
SetSystemPaletteUse
GetColorAdjustment
GetTextColor
GetTextCharset
GetEnhMetaFileHeader
CreatePalette
EnumFontsW
SetGraphicsMode
CopyMetaFileA
Polyline
GetEnhMetaFilePaletteEntries
GetMetaFileA
ResizePalette
PolyTextOutA
Chord
CancelDC
Pie

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8ae6c6c597ae15289a8cf878b9313c3

Headers

File Characteristics

Imports

shell32

user32

wininet

kernel32

comdlg32

gdi32

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 4KB - Virtual size: 33KB

.data Size: 276KB - Virtual size: 276KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 4KB - Virtual size: 33KB

.data
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 7KB - Virtual size: 6KB