c03c9b18c83963ed70735fc17add6467_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c03c9b18c83963ed70735fc17add6467_JaffaCakes118
Size

452KB
MD5

c03c9b18c83963ed70735fc17add6467
SHA1

8886823b7d8198ff46dd16431d0b452bdba565ff
SHA256

fd124a23f34ed20a454eef4d4ab477f89308141d876aea73969e92eebcf0ad45
SHA512

e67b4dff38d50b6c1a9feeaedf8500dfed9f58c76c8a4f1d7626fe30207caae5da60a3659b73cf97b9aa107f584355182672b2c8b046f0f57e5c8374d95bc77f
SSDEEP

12288:zhRtJTJe07T/zMV7NiP9E8EzYKvTKeG2Y2:zhRttNXzMziy8KvHG27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c03c9b18c83963ed70735fc17add6467_JaffaCakes118

Files

c03c9b18c83963ed70735fc17add6467_JaffaCakes118
.exe windows:4 windows x86 arch:x86

421b23e6e4453e19512f1cb8bda5860d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW

kernel32

IsBadWritePtr
HeapCreate
GetEnvironmentStringsW
VirtualFree
GetCommandLineA
SystemTimeToFileTime
InterlockedDecrement
HeapFree
QueryPerformanceCounter
GetTickCount
GetUserDefaultLCID
SetConsoleTitleW
WriteFile
SetLastError
EnterCriticalSection
IsValidLocale
HeapAlloc
MultiByteToWideChar
CompareStringA
SetEnvironmentVariableA
lstrlenW
RtlUnwind
GetStringTypeW
LCMapStringW
ConnectNamedPipe
GetThreadTimes
GetPrivateProfileStringW
FreeEnvironmentStringsA
TlsGetValue
VirtualAlloc
InterlockedIncrement
lstrcpyW
GetCurrentThreadId
HeapDestroy
GetModuleFileNameA
IsValidCodePage
GetProcAddress
ReadConsoleOutputA
FreeLibrary
GetACP
GetLocaleInfoA
ExitProcess
GetFileType
GetStartupInfoA
WritePrivateProfileStructW
InterlockedExchange
OpenProcess
GetLastError
UnhandledExceptionFilter
GetOEMCP
GetStartupInfoW
GetTimeFormatA
GetPrivateProfileSectionW
GetProcessHeap
LCMapStringA
CompareStringW
GetUserDefaultLangID
InitializeCriticalSection
FindClose
Sleep
GetCalendarInfoW
GetVersionExA
FreeEnvironmentStringsW
GetCurrentProcess
HeapReAlloc
SetPriorityClass
TlsAlloc
TlsSetValue
LeaveCriticalSection
GetModuleHandleA
GetEnvironmentStrings
GetLocaleInfoW
VirtualQuery
GetCPInfo
TerminateProcess
GlobalLock
GetStdHandle
GetSystemTimeAsFileTime
GetDateFormatA
LoadLibraryA
GetLogicalDriveStringsW
GetCurrentProcessId
HeapSize
GetConsoleCursorInfo
GetProfileIntW
WideCharToMultiByte
DeleteCriticalSection
SetHandleCount
GetCurrentThread
GetStringTypeA
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
EnumSystemLocalesA
SetConsoleCtrlHandler
EnumCalendarInfoA
TlsFree

wininet

InternetCombineUrlA
FtpCommandA
HttpOpenRequestA
InternetQueryOptionA
RetrieveUrlCacheEntryStreamW
SetUrlCacheGroupAttributeW
FtpPutFileW
SetUrlCacheEntryGroup

shell32

SHGetDesktopFolder

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

421b23e6e4453e19512f1cb8bda5860d

Headers

File Characteristics

Imports

comdlg32

kernel32

wininet

shell32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 8KB - Virtual size: 23KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 8KB - Virtual size: 23KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 5KB - Virtual size: 5KB