c049674101d0b31effc55f6f9951ebc1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c049674101d0b31effc55f6f9951ebc1_JaffaCakes118
Size

501KB
MD5

c049674101d0b31effc55f6f9951ebc1
SHA1

bd5582d5265081b3608470791a141b37168d67ce
SHA256

ca0d1723c103ca8900a7fee22ee1eeae9a9a40e785d8fbaabc3a391119c03bd5
SHA512

b592e82b8ce649ba74d715fd8ebc7c97791204381fb44515eab850bc65a2ede4d9db3746498d3b93f48381941965e2c47ce3190fface43a11af8822d75fe3abd
SSDEEP

12288:Cu4S7YKspcLYzIu/tC8SRTPCqsbJBsihcbt0IRHirI:CuJTsp6YzlIxXsdiaH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c049674101d0b31effc55f6f9951ebc1_JaffaCakes118

Files

c049674101d0b31effc55f6f9951ebc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c614c83fbe9e718ed0f2fcce9f04c55d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetInstanceExplorer
FreeIconList
RealShellExecuteExA
SheGetDirA

wininet

SetUrlCacheGroupAttributeW
SetUrlCacheEntryGroup
FtpGetFileEx
InternetTimeToSystemTimeW

user32

RemovePropA
SystemParametersInfoA
CharNextW
CreateCaret
GetCaretBlinkTime
EnumDisplayDevicesA
DefDlgProcA
RegisterClassExA
GetClipboardFormatNameA
IsWindow
PeekMessageA
SetScrollInfo
GetDlgItemInt
MsgWaitForMultipleObjects
OpenWindowStationW
RegisterClassA
DdeCreateStringHandleA
MonitorFromPoint
GetMessageA
InsertMenuW

comctl32

InitCommonControlsEx

kernel32

LCMapStringA
SetHandleCount
IsBadWritePtr
GetVersionExA
GetProfileSectionW
GetCompressedFileSizeW
OpenMutexA
GetCurrentProcessId
MultiByteToWideChar
GetOEMCP
GetSystemInfo
CreateMutexA
TerminateProcess
TlsFree
TlsSetValue
HeapDestroy
ReadFile
GetTimeZoneInformation
SetStdHandle
GetSystemTimeAsFileTime
GetDateFormatA
VirtualAlloc
GetModuleHandleA
EnumSystemLocalesA
GetUserDefaultLCID
LoadLibraryW
GetCurrentThreadId
SetFilePointer
SetLastError
GetStringTypeA
GetCurrentProcess
UnhandledExceptionFilter
LeaveCriticalSection
HeapFree
GetCommandLineW
HeapAlloc
CloseHandle
GetCurrentDirectoryA
IsValidLocale
FlushFileBuffers
GetFullPathNameW
GetEnvironmentStringsW
GetFileType
InterlockedExchange
GetProcAddress
RtlUnwind
GetStartupInfoW
GetModuleFileNameW
WriteFile
WideCharToMultiByte
FreeEnvironmentStringsW
CompareStringA
GetLocaleInfoA
IsValidCodePage
LoadLibraryA
LocalHandle
VirtualProtect
SetEnvironmentVariableA
VirtualFree
GetCommandLineA
GetModuleFileNameA
GetStdHandle
TlsGetValue
HeapReAlloc
EnterCriticalSection
GetEnvironmentStrings
InitializeCriticalSection
QueryPerformanceCounter
WriteConsoleInputW
GetLastError
HeapCreate
GetCurrentThread
TlsAlloc
ExitProcess
DeleteCriticalSection
GetLocaleInfoW
GetTimeFormatA
CompareStringW
HeapSize
FreeEnvironmentStringsA
GetCPInfo
VirtualQuery
GetTickCount
GetStartupInfoA
GetACP
GetStringTypeW
LCMapStringW

Sections

.text
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c614c83fbe9e718ed0f2fcce9f04c55d

Headers

File Characteristics

Imports

shell32

wininet

user32

comctl32

kernel32

Sections

.text Size: 337KB - Virtual size: 336KB

.rdata Size: 46KB - Virtual size: 73KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 337KB - Virtual size: 336KB

.rdata
Size: 46KB - Virtual size: 73KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 13KB - Virtual size: 12KB