c280c87ac960275080e869e6cddc0bbf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c280c87ac960275080e869e6cddc0bbf_JaffaCakes118
Size

459KB
MD5

c280c87ac960275080e869e6cddc0bbf
SHA1

94e22d854b1d29d4902222a2a25af4cc6ab6a345
SHA256

4ba18636d94c58d7405f192f0ed963581d52861f9c955603d458008921eb07db
SHA512

dca7176b452127edc1af9b9bf1f503950c95838d2bad2bc4a715004e326811b7b9044efc70fb9d6b77b06584d128aec61e4669b0471cef5b6afd0584295f0679
SSDEEP

6144:BQaYyZ5dO2AS7JFJfbXm/74Hs1n6bksViqaAhgkm/7RSSpOkXZDJyCkqioTj1vr1:vX/FJfrm/7sN5QkMlOIZty/Hotx7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c280c87ac960275080e869e6cddc0bbf_JaffaCakes118

Files

c280c87ac960275080e869e6cddc0bbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f83aa8ad9576fccd5bf3181889b742c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetAttemptConnect
InternetReadFileExW

user32

FillRect
DrawTextExA
RegisterClassA
GetWindowPlacement
GetAncestor
IsWindowEnabled
GetMenuContextHelpId
CharPrevW
RegisterClassExA

kernel32

GetCPInfo
GetProcAddress
CompareStringA
WriteFile
TlsAlloc
WritePrivateProfileStructA
GetSystemTimeAsFileTime
TlsSetValue
GetEnvironmentStringsW
Sleep
SetStdHandle
FreeLibrary
GetTimeFormatA
FlushFileBuffers
DebugActiveProcess
InterlockedExchange
SetConsoleCP
CloseHandle
HeapSize
UnhandledExceptionFilter
MultiByteToWideChar
GetConsoleOutputCP
InterlockedDecrement
ReadConsoleOutputA
GetUserDefaultLCID
SetHandleCount
LeaveCriticalSection
GetOEMCP
RtlUnwind
VirtualFree
SetFilePointer
GetTimeZoneInformation
GetProfileSectionA
GetCurrentDirectoryA
IsDebuggerPresent
GetLocaleInfoW
EnterCriticalSection
GetTickCount
GetConsoleScreenBufferInfo
SetUnhandledExceptionFilter
GetConsoleMode
GetDateFormatA
VirtualQuery
TerminateProcess
GetProcessHeap
GetLastError
GetStartupInfoA
GetStdHandle
GetTempPathW
GetCurrentProcess
WideCharToMultiByte
LoadLibraryA
OpenSemaphoreA
GetLocaleInfoA
CreateFileA
ReadFile
GetStringTypeA
InitializeCriticalSection
InterlockedIncrement
LCMapStringA
GetConsoleCP
FreeEnvironmentStringsW
OpenMutexA
TlsFree
ExitProcess
SetConsoleCtrlHandler
CompareStringW
SetLastError
GetModuleHandleA
VirtualAlloc
EnumSystemLocalesA
CreateMutexA
HeapCreate
GetACP
DeleteCriticalSection
WaitForDebugEvent
SetEnvironmentVariableA
GetCommandLineA
WriteConsoleA
FreeLibraryAndExitThread
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameW
GetFileType
GetCurrentThreadId
lstrcpyW
CopyFileExA
QueryPerformanceCounter
HeapReAlloc
CreateWaitableTimerW
LCMapStringW
HeapDestroy
GetVersionExA
GetModuleFileNameA
GetStringTypeW
IsValidLocale
HeapFree
HeapAlloc
TlsGetValue
WriteConsoleW
IsValidCodePage
GetCurrentThread
FreeEnvironmentStringsA

comctl32

InitCommonControlsEx

Sections

.text
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f83aa8ad9576fccd5bf3181889b742c

Headers

File Characteristics

Imports

wininet

user32

kernel32

comctl32

Sections

.text Size: 262KB - Virtual size: 261KB

.rdata Size: 9KB - Virtual size: 28KB

.data Size: 181KB - Virtual size: 180KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 262KB - Virtual size: 261KB

.rdata
Size: 9KB - Virtual size: 28KB

.data
Size: 181KB - Virtual size: 180KB

.rsrc
Size: 5KB - Virtual size: 5KB