bb728e5ffa9f41dd7c8668cda1bdcad8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb728e5ffa9f41dd7c8668cda1bdcad8_JaffaCakes118
Size

459KB
MD5

bb728e5ffa9f41dd7c8668cda1bdcad8
SHA1

53e62db0c55dbc8558020c64600ae630e175acdb
SHA256

5c70f9e06a7c029dd7ed8c8c71f8cf1fd0dc3fe86d66733395c72ab1cddb98fb
SHA512

cbc73370e8dbf8a1f17efd498acebcd3986abcf9c8d03e352c57a1b18a47a53c8ec4b2d42b3e7c313a34c4f987dce30ba61e509f51dda462a3dfe80f65e123e9
SSDEEP

12288:WnvzVKCWcFZq9FSFNil9d6fwHaKinpGF7TBJQW3hdJ62:WnvzkWZq9MFI9smaVnkZF26J62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb728e5ffa9f41dd7c8668cda1bdcad8_JaffaCakes118

Files

bb728e5ffa9f41dd7c8668cda1bdcad8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1e8b8f5e9bc2597566d916080afac2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eas

Imports

user32

RegisterClassExA
GetScrollInfo
InvalidateRect
IsDialogMessage
RegisterClassA
DdeCreateDataHandle
GetMessageExtraInfo
DrawFocusRect

kernel32

GetLastError
GetCommandLineA
LoadLibraryA
SetStdHandle
FindNextFileA
WideCharToMultiByte
EnumCalendarInfoExA
SetLastError
PulseEvent
VirtualQuery
ReadFile
GetSystemTime
TerminateProcess
LeaveCriticalSection
FlushFileBuffers
InterlockedExchange
FileTimeToLocalFileTime
InitializeCriticalSection
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStrings
SetFilePointer
CompareStringA
CreateMutexA
TlsSetValue
GetSystemTimeAsFileTime
VirtualFree
GetStringTypeW
GetStartupInfoW
GetTickCount
TlsFree
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
GetLocalTime
GetTimeZoneInformation
LCMapStringW
IsBadWritePtr
GetCurrentProcessId
SetHandleCount
HeapFree
GetCurrentThreadId
GetCurrentProcess
OpenMutexA
GetCPInfo
GetModuleHandleA
WriteFile
RtlUnwind
GetProcAddress
EnumCalendarInfoExW
HeapDestroy
TlsGetValue
TlsAlloc
HeapCreate
GetStdHandle
SetEnvironmentVariableA
UnhandledExceptionFilter
ExitProcess
HeapReAlloc
FlushInstructionCache
GetEnvironmentStringsW
CloseHandle
lstrcmpiA
HeapAlloc
CreateEventA
DeleteCriticalSection
LockFile
GetStartupInfoA
GetCurrentThread
GetModuleFileNameA
InterlockedIncrement
GetVersion
CompareStringW
EnterCriticalSection
VirtualAlloc
GetOEMCP
OutputDebugStringW
GetFileType
GetTempPathA
GetShortPathNameA
FreeEnvironmentStringsA
LCMapStringA
GetACP
GetStringTypeA

wininet

FtpRenameFileA
InternetGetCertByURLA
InternetGoOnline
InternetCombineUrlW

comctl32

InitCommonControlsEx

Sections

.text
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1e8b8f5e9bc2597566d916080afac2c

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

wininet

comctl32

Sections

.text Size: 322KB - Virtual size: 321KB

.rdata Size: 19KB - Virtual size: 48KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 322KB - Virtual size: 321KB

.rdata
Size: 19KB - Virtual size: 48KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 15KB - Virtual size: 15KB