Static task: static1
Behavioral task: behavioral1
Sample: b8d66cd1a40a07b5ac1d9335e34d5e36_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b8d66cd1a40a07b5ac1d9335e34d5e36_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b8d66cd1a40a07b5ac1d9335e34d5e36_JaffaCakes118
Size: 276KB
MD5: b8d66cd1a40a07b5ac1d9335e34d5e36
SHA1: 38caeee1eae36e92ea3d9c637d2c82afe192d51f
SHA256: a04ee9655ca486fa62cfa920cc16b0a6c93db76bfba9a69ef5f0e8a75bbc2952
SHA512: 64886e3c827841d69a03537e348da718d8610cfc01f75436dd9dbf02d8dfe8e80e09655979dc7ca81d9f3bcf40cd04232ba808350d1ea56c1f7cc178069810d7
SSDEEP: 6144:IHK4sSmiZAI/ardmwg8/DxLyRcY8vQUivVwqHc5W5eCKe/:IH9jJZAy8/DxLy6eGqHcw8K/
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: b8d66cd1a40a07b5ac1d9335e34d5e36_JaffaCakes118
Files
b8d66cd1a40a07b5ac1d9335e34d5e36_JaffaCakes118.exe windows:4 windows x86 arch:x86
e0da91c3a0cb20d029d05f2992e47529
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCrackUrlW
InternetShowSecurityInfoByURLW
FtpGetCurrentDirectoryW
comdlg32
FindTextA
kernel32
OpenWaitableTimerA
TlsSetValue
ReadConsoleOutputA
ExitProcess
TlsFree
GetUserDefaultLCID
GetStdHandle
ReadFile
GetFileAttributesA
RtlFillMemory
GetTimeFormatA
lstrcpyW
TlsAlloc
GetStringTypeA
HeapAlloc
lstrcmpiW
VirtualProtect
WriteProfileStringW
VirtualAlloc
GetProcAddress
GetCurrentThread
EnumSystemLocalesA
GetModuleFileNameA
DeleteAtom
GetStringTypeW
GetSystemTimeAsFileTime
WritePrivateProfileStringW
WideCharToMultiByte
LCMapStringW
GetEnvironmentStringsW
LeaveCriticalSection
GetDateFormatA
TerminateProcess
GetStartupInfoA
HeapDestroy
LoadLibraryA
SetLastError
GetVersionExA
EnumResourceLanguagesA
GetCPInfo
LCMapStringA
IsBadWritePtr
QueryPerformanceCounter
RtlUnwind
HeapReAlloc
GetCurrentThreadId
HeapFree
CloseHandle
EnterCriticalSection
GetOEMCP
GetACP
MultiByteToWideChar
FormatMessageW
VirtualFree
GetEnvironmentStringsA
GetEnvironmentStrings
OpenMutexA
InterlockedExchange
HeapCreate
FreeEnvironmentStringsW
SetThreadIdealProcessor
CompareStringW
GetCurrentProcess
GlobalUnlock
SetEnvironmentVariableA
OpenFileMappingA
WriteFile
FreeEnvironmentStringsA
SetFileAttributesA
HeapSize
IsValidCodePage
VirtualQuery
UnhandledExceptionFilter
IsValidLocale
GetLocaleInfoA
CompareStringA
GetFileType
GetSystemInfo
GetTickCount
GetLastError
GetModuleHandleA
SetHandleCount
GetLocaleInfoW
GetCurrentDirectoryA
InitializeCriticalSection
GetCommandLineA
CreateMutexA
GlobalAddAtomA
FlushFileBuffers
DeleteCriticalSection
TlsGetValue
lstrcpynA
SetFilePointer
SetFileAttributesW
SetStdHandle
GetTimeZoneInformation
GetCurrentProcessId
advapi32
RegQueryInfoKeyA
CryptHashData
RegSetKeySecurity
user32
OpenInputDesktop
MessageBoxA
RegisterClassExA
ShowWindow
CreateWindowExA
LoadImageA
DrawTextW
RegisterClassA
CharLowerBuffA
SetWindowsHookExW
RegisterWindowMessageW
GetKBCodePage
GetUpdateRgn
GetClassInfoExA
IsIconic
comctl32
ImageList_Copy
ImageList_DrawEx
_TrackMouseEvent
ImageList_DragLeave
CreateToolbarEx
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_AddIcon
DestroyPropertySheetPage
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_LoadImageW
ImageList_AddMasked
Sections
.text Size: 148KB - Virtual size: 148KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ