b6f90936a14dcc6f81529211baf4e421_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b6f90936a14dcc6f81529211baf4e421_JaffaCakes118
Size

452KB
MD5

b6f90936a14dcc6f81529211baf4e421
SHA1

762320f314efe1d8547ce9a80d821e456c8f4cbf
SHA256

85db37de622339c3df26aa0c689a84ae2917becf99c847afff4bd6d52955b844
SHA512

cdf72c99da8f2b973a4d75567af60d5a5e9dbb0ebefdf8bd42aac6ba561df91919d9000bedcfe6e75a553dda3ea13aa0aa0567ac5aba2719a6b55eadd2075c02
SSDEEP

6144:PY6iNAR/Ejlq5jbDQ+aXb711nFHCOqqUhrMKL4F1GBNNzYGl9fVJeXZoKQCM4h7V:PYHAR/ROXt1nZjqqUhroEfbeJoYV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6f90936a14dcc6f81529211baf4e421_JaffaCakes118

Files

b6f90936a14dcc6f81529211baf4e421_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e176ad008c1e3f5a0560fe6a46a5074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpOpenFileA
DeleteUrlCacheContainerA
DeleteUrlCacheEntryA
DeleteIE3Cache
FtpCreateDirectoryW
InternetGetCookieA
FtpRenameFileW

kernel32

CreateMutexA
LockFile
GetFileType
CreateFileA
InterlockedExchange
GetStringTypeW
GetModuleHandleW
GetCurrentProcess
GetCommandLineW
InterlockedIncrement
SetCriticalSectionSpinCount
GetCurrencyFormatW
ReadConsoleW
FreeEnvironmentStringsA
SetEnvironmentVariableA
LocalReAlloc
TlsAlloc
TerminateThread
HeapDestroy
GetCurrentThread
GetProcessHeap
EnumDateFormatsExA
GetVersionExA
lstrcatW
QueryPerformanceCounter
GetModuleFileNameA
MultiByteToWideChar
SetStdHandle
GetEnvironmentStringsA
GetStringTypeExW
SetLastError
GetEnvironmentVariableA
TlsSetValue
IsValidCodePage
VirtualQuery
Sleep
GetStdHandle
GetCalendarInfoA
VirtualQueryEx
GlobalFindAtomW
GetCommandLineA
EnterCriticalSection
GetPrivateProfileSectionA
HeapCreate
CreateMailslotW
GetConsoleCP
WritePrivateProfileSectionW
GetConsoleOutputCP
CompareStringW
SetUnhandledExceptionFilter
RtlUnwind
LocalFileTimeToFileTime
LCMapStringA
TlsGetValue
GetEnvironmentStrings
SetConsoleCP
GetStartupInfoW
FreeEnvironmentStringsW
CompareStringA
MoveFileExW
GetTimeFormatA
ConvertDefaultLocale
GetTimeZoneInformation
GetModuleFileNameW
GetACP
GetSystemTimeAsFileTime
HeapAlloc
GetTickCount
GetCurrentThreadId
SetLocaleInfoA
GetStringTypeA
GetDateFormatA
SetConsoleCursorInfo
GlobalReAlloc
FreeLibrary
SetConsoleCtrlHandler
LCMapStringW
WriteConsoleW
SetFilePointer
TerminateProcess
HeapReAlloc
GetOEMCP
VirtualFree
EnumCalendarInfoExA
HeapFree
GetStartupInfoA
WriteConsoleA
DeleteCriticalSection
CreateMailslotA
FindNextChangeNotification
EnumSystemLocalesA
VirtualAlloc
GetProcAddress
InterlockedDecrement
IsValidLocale
WideCharToMultiByte
GetLastError
SetHandleCount
SetSystemTime
OpenMutexA
WriteFile
VirtualUnlock
ExitThread
GetCurrentProcessId
HeapSize
CloseHandle
ExitProcess
GetCPInfo
CreateDirectoryW
LeaveCriticalSection
GetEnvironmentStringsW
LoadLibraryA
GetConsoleMode
ReadFile
GetLocaleInfoW
InitializeCriticalSection
DeleteFiber
FileTimeToDosDateTime
GetUserDefaultLCID
GetModuleHandleA
FlushFileBuffers
GetPrivateProfileStringA
TryEnterCriticalSection
UnhandledExceptionFilter
GetLocaleInfoA
GetNamedPipeInfo
CommConfigDialogA
lstrcpyW
IsDebuggerPresent
TlsFree

advapi32

CryptDestroyHash

user32

DefWindowProcA
MsgWaitForMultipleObjects
MessageBoxW
UpdateWindow
DdeQueryNextServer
ReleaseDC
ShowWindow
SendInput
EnumDisplayDevicesW
DeferWindowPos
AnyPopup
WinHelpW
DestroyWindow
SetWindowPos
DdeCreateStringHandleA
IsCharUpperW
RegisterClassA
CloseWindow
CreateWindowExA
RegisterClassExA
SetClassLongW
TrackPopupMenuEx

comctl32

ImageList_Remove
ImageList_DragEnter
ImageList_Write
InitCommonControlsEx
ImageList_Merge
ImageList_Draw
CreateToolbarEx
ImageList_Add
_TrackMouseEvent
ImageList_SetImageCount
ImageList_GetDragImage
ImageList_SetFlags
CreateMappedBitmap
CreateStatusWindowA
ImageList_Copy

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e176ad008c1e3f5a0560fe6a46a5074

Headers

File Characteristics

Imports

wininet

kernel32

advapi32

user32

comctl32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 100KB - Virtual size: 106KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 100KB - Virtual size: 106KB

.rsrc
Size: 104KB - Virtual size: 103KB