Static task
static1
Behavioral task
behavioral1
Sample
b7780722f5e209d10d271e62580997eb_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b7780722f5e209d10d271e62580997eb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b7780722f5e209d10d271e62580997eb_JaffaCakes118
Size
464KB
MD5
b7780722f5e209d10d271e62580997eb
SHA1
e0f3c56d0f3e2b7253a2ce13815a721c071cfaf4
SHA256
ece2164ed5ff6ab1d557c237b7ccabc334097f867d297d42305ddd3397e0b932
SHA512
05c0a0f9f431d81a12962e7eae33aa55d2314ccc896038deadd77780c77767c838f4e3773b84d666b30334590d1b1ccc2f822ea718a0127cecd96810c2c6ddce
SSDEEP
6144:foOU/LVBWXwQebC0b4hXIJOr8n9lcMObZ8Sk5eeswg3pIaT8E/DDWHUmDg5YS0:foOUJ4IA2OrSwXbZ65en1I28guUnW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b7780722f5e209d10d271e62580997eb_JaffaCakes118
Files
b7780722f5e209d10d271e62580997eb_JaffaCakes118.exe windows:4 windows x86 arch:x86
6ca2f3f38bca21883eb5e92b0e4bbf2e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
ChooseFontA
wininet
InternetSetOptionW
GetUrlCacheConfigInfoW
FtpGetFileA
FtpDeleteFileA
InternetReadFile
ShowSecurityInfo
FtpPutFileA
advapi32
RegOpenKeyW
InitiateSystemShutdownW
RegEnumValueW
ReportEventW
CryptGetKeyParam
CryptAcquireContextA
RegLoadKeyA
RegFlushKey
LookupPrivilegeValueW
StartServiceA
shell32
SHBrowseForFolder
kernel32
HeapCreate
SetLastError
ExitProcess
GetSystemTimeAsFileTime
CompareStringA
TlsSetValue
VirtualFree
DeleteCriticalSection
FreeLibrary
QueryPerformanceCounter
GetStdHandle
SetConsoleCtrlHandler
GetCurrentThreadId
CompareStringW
GetFileType
EnterCriticalSection
EnumSystemCodePagesW
IsValidCodePage
EnumSystemLocalesA
VirtualAlloc
LCMapStringA
GetCurrentThread
GetStartupInfoW
SystemTimeToTzSpecificLocalTime
HeapReAlloc
InterlockedDecrement
GetOEMCP
GetEnvironmentStrings
TerminateProcess
InitializeCriticalSection
HeapSize
InterlockedExchange
GetCurrentProcessId
WriteFile
SetUnhandledExceptionFilter
LeaveCriticalSection
TlsAlloc
GetEnvironmentStringsW
InterlockedIncrement
RtlUnwind
LocalFileTimeToFileTime
SetHandleCount
GetLocaleInfoA
SetWaitableTimer
GetModuleHandleA
GetUserDefaultLCID
IsValidLocale
DuplicateHandle
LCMapStringW
HeapDestroy
GetVersionExA
GetProcAddress
FreeEnvironmentStringsA
lstrcat
WideCharToMultiByte
GetCommandLineA
GetLastError
MultiByteToWideChar
GetPrivateProfileSectionA
SetEnvironmentVariableA
GetCPInfo
Sleep
UnhandledExceptionFilter
GetModuleFileNameA
FindFirstFileA
TlsGetValue
LoadLibraryA
GetPrivateProfileSectionNamesA
GetLocaleInfoW
GetStringTypeW
FindFirstFileExA
WaitNamedPipeA
GetTimeFormatA
GetDateFormatA
GetModuleFileNameW
HeapAlloc
GetTimeZoneInformation
GlobalSize
TlsFree
GetStartupInfoA
HeapFree
GetDateFormatW
WritePrivateProfileStringW
lstrcmpW
GetACP
IsDebuggerPresent
GetProcessHeap
GetCurrentProcess
GetTickCount
VirtualQuery
GetCommandLineW
FreeEnvironmentStringsW
GetStringTypeA
Sections
.text Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 279KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ