ba86964cdc8523878cea0f1ca9f16845_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba86964cdc8523878cea0f1ca9f16845_JaffaCakes118
Size

426KB
MD5

ba86964cdc8523878cea0f1ca9f16845
SHA1

360178d10a05081e165ab07f9bf315233e210074
SHA256

badb2b4415c92d8743c97d47e7ae0eb11cdf2101d44c5c2ed2c52b34ea34f0ad
SHA512

4fbc7ab68be41c5630a190a5a2e9723f15be58cd70403fc2c95911ec4809e1726fbe332e8c86aeb7998f438b08437b9969e8bd258fc67e4403588a0ffa9747ce
SSDEEP

12288:hXgoM/nwavKmffo4k/J/jBRzBQz2aC3FPLb2Uj8:hXgT/fKif58JrFaCVbj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba86964cdc8523878cea0f1ca9f16845_JaffaCakes118

Files

ba86964cdc8523878cea0f1ca9f16845_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fb33732f125588351c53e060918b757

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW
ChooseFontA

shell32

SHGetPathFromIDListW
SHGetDiskFreeSpaceA
SHLoadInProc
SHInvokePrinterCommandW

gdi32

ExtEscape
SetWindowOrgEx
SetMetaRgn
RoundRect
GetFontLanguageInfo

kernel32

GetStringTypeA
GetProfileStringA
ReadConsoleInputA
GetStringTypeW
LocalHandle
GetLastError
MultiByteToWideChar
HeapAlloc
FreeEnvironmentStringsA
GetACP
GetStdHandle
IsBadWritePtr
UnhandledExceptionFilter
GetSystemTimeAsFileTime
LocalCompact
HeapSize
LCMapStringA
GetCurrentProcess
TlsGetValue
SetLocalTime
GetProfileStringW
GetFileType
GetTimeZoneInformation
GetEnvironmentStringsW
WriteFile
GetTickCount
InterlockedExchange
VirtualAlloc
EnumCalendarInfoA
TlsAlloc
lstrcpyn
GetConsoleOutputCP
GetTimeFormatA
ExitProcess
GetCurrentProcessId
RtlUnwind
GetUserDefaultLCID
EnterCriticalSection
GetDateFormatA
GetConsoleCP
LoadLibraryA
HeapCreate
GetProcAddress
TerminateProcess
MoveFileExA
GetModuleHandleA
InitializeCriticalSection
SetConsoleOutputCP
GlobalFindAtomA
CompareStringW
QueryPerformanceCounter
GetVersionExA
DeleteCriticalSection
GetSystemInfo
GetOEMCP
CreateNamedPipeW
SetHandleCount
SetEnvironmentVariableA
CreateSemaphoreW
CompareStringA
VirtualProtect
FreeEnvironmentStringsW
GetVolumeInformationW
LCMapStringW
GetStartupInfoA
IsValidLocale
GetModuleFileNameA
WideCharToMultiByte
InterlockedDecrement
HeapFree
GetCurrentThread
GetCPInfo
HeapDestroy
GetCurrentThreadId
GetLongPathNameW
HeapReAlloc
TlsSetValue
VirtualQuery
VirtualFree
SetLastError
IsValidCodePage
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
WritePrivateProfileStructW
TlsFree
GetEnvironmentStrings
GetCommandLineA
LeaveCriticalSection
SetConsoleCP

wininet

HttpSendRequestW
InternetConfirmZoneCrossing

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fb33732f125588351c53e060918b757

Headers

File Characteristics

Imports

comdlg32

shell32

gdi32

kernel32

wininet

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 7KB - Virtual size: 19KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 7KB - Virtual size: 19KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 8KB - Virtual size: 7KB