b739df7874485d545a3ad96a9160529e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b739df7874485d545a3ad96a9160529e_JaffaCakes118
Size

436KB
MD5

b739df7874485d545a3ad96a9160529e
SHA1

da30fee0e7d12294b199c7e1be98b6f65601713a
SHA256

7ed2855796ece7f1b653246caa726ef0c02afdd7ed267be2783033519406ae3c
SHA512

5fef5901c005ec2b4f759f9bee79688804198ebf59d78308fbee8bdf7259dc5fae543bd9897b042ede9533ea0cfea38dcf3b1bf41cc8374b206329bb0cbf898a
SSDEEP

12288:JvOcPurbD+RzCPXh5yx4Sbs/iFS/FeiiTdFMIt:JxNE55Gm/eS9eiUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b739df7874485d545a3ad96a9160529e_JaffaCakes118

Files

b739df7874485d545a3ad96a9160529e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b880b756bcf271761fa16ff04d82c3fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CompareStringW
LCMapStringW
EnumCalendarInfoExA
RtlUnwind
GetUserDefaultLCID
AddAtomW
GetCurrentProcess
GetStdHandle
VirtualAlloc
SetConsoleCtrlHandler
IsValidLocale
HeapReAlloc
GetLocaleInfoW
GetFileAttributesExW
GetLocaleInfoA
FreeEnvironmentStringsW
MultiByteToWideChar
GetModuleFileNameA
GetACP
GetTimeZoneInformation
ExitProcess
GetEnvironmentStrings
GetTimeFormatA
HeapDestroy
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
FreeEnvironmentStringsA
InterlockedDecrement
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
SetLastError
TlsGetValue
EnumSystemLocalesA
HeapAlloc
GetProcessHeap
HeapFree
CreateWaitableTimerA
SetEnvironmentVariableA
GetCurrentProcessId
GetEnvironmentStringsW
GetVersionExA
GetStringTypeW
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
GetFileType
HeapCreate
FreeLibrary
WriteFile
Sleep
ReleaseMutex
GetProfileIntW
GetModuleHandleA
GetCurrentThread
WideCharToMultiByte
GetStringTypeExW
GetNamedPipeHandleStateW
SetHandleCount
GetCurrentDirectoryA
WritePrivateProfileSectionA
DeleteCriticalSection
HeapSize
GetProcAddress
GetLastError
GetOEMCP
CompareStringA
LCMapStringA
InterlockedExchange
InterlockedIncrement
VirtualFree
GetStartupInfoA
VirtualQuery
TlsSetValue
TlsFree
ReadConsoleA
LeaveCriticalSection
GetCurrentThreadId
IsDebuggerPresent
LocalAlloc
TerminateProcess
GetDateFormatA
IsValidCodePage

wininet

InternetReadFileExW
HttpAddRequestHeadersW
GetUrlCacheConfigInfoA
GetUrlCacheGroupAttributeW
InternetFortezzaCommand

shell32

SHBrowseForFolderA
SHBrowseForFolder
DragQueryFile
SHInvokePrinterCommandW
InternalExtractIconListW
SHGetInstanceExplorer
SHEmptyRecycleBinW
DragQueryFileA
ExtractIconExA
SHGetPathFromIDListW
SHInvokePrinterCommandA
DragQueryFileAorW
SHAppBarMessage
DragQueryFileW
SHGetSettings
ShellHookProc
SHGetPathFromIDListA
ShellExecuteExA
SHQueryRecycleBinW
SHGetMalloc

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b880b756bcf271761fa16ff04d82c3fc

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 309KB - Virtual size: 338KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 309KB - Virtual size: 338KB

.rsrc
Size: 9KB - Virtual size: 9KB