d31288e1a951a53951aafdbede4893d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d31288e1a951a53951aafdbede4893d0_JaffaCakes118
Size

294KB
MD5

d31288e1a951a53951aafdbede4893d0
SHA1

e381b093010592db90ae4d0e3065976fe4124d63
SHA256

3f040f8775db69435d76fb1c9a0b0543e49012fda5e4558d89d8076acc6837cd
SHA512

a3e1412f812a8657e466b2767a90cb594adb6f60cefa4813343803454c85410fafc496fcb13b8ff5a3c308b809d43cde411fa6cfd8a464fa7d3444d525ff7687
SSDEEP

6144:G8xRqjDQ/67oFuJ4nu5jcZaDmdrRuPAB:RMjDQi7suJV5jcBdrEoB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d31288e1a951a53951aafdbede4893d0_JaffaCakes118

Files

d31288e1a951a53951aafdbede4893d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a6246877ca6f0007157ce6b3e45c26e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA

kernel32

GetStdHandle
IsBadWritePtr
GetLocaleInfoW
HeapSize
CompareStringW
VirtualAlloc
EnterCriticalSection
LoadLibraryA
GetTimeFormatA
GetLastError
UnhandledExceptionFilter
GetStartupInfoW
TlsGetValue
LCMapStringA
GetCurrentProcessId
GetTimeZoneInformation
EnumSystemLocalesA
InterlockedExchange
GetModuleHandleA
QueryPerformanceCounter
GetDateFormatA
GetModuleFileNameA
IsValidCodePage
GetStringTypeA
GetUserDefaultLCID
VirtualQuery
GetFileType
ExitProcess
HeapFree
WriteFile
MultiByteToWideChar
HeapReAlloc
GetCommandLineW
CompareStringA
GetOEMCP
WideCharToMultiByte
OpenMutexW
TlsFree
GetCurrentThread
GetProcAddress
SetHandleCount
GetStringTypeW
GetTickCount
TlsAlloc
GetVersionExA
GetEnvironmentStrings
LeaveCriticalSection
CreateProcessW
FreeEnvironmentStringsA
GetSystemInfo
GetCurrentThreadId
TerminateProcess
VirtualFree
GetEnvironmentStringsW
VirtualProtectEx
HeapCreate
HeapDestroy
GetModuleFileNameW
GetSystemTimeAsFileTime
GetStartupInfoA
GetCurrentProcess
FreeEnvironmentStringsW
HeapAlloc
TlsSetValue
InitializeCriticalSection
SetLastError
RtlUnwind
DeleteCriticalSection
GetACP
IsValidLocale
FindFirstFileExA
GetLocaleInfoA
VirtualProtect
GetCommandLineA
SetEnvironmentVariableA
LCMapStringW
GetCPInfo

advapi32

CryptAcquireContextA
RegFlushKey
RegQueryInfoKeyA

wininet

InternetGetConnectedStateExW
SetUrlCacheHeaderData
UnlockUrlCacheEntryFileA
InternetShowSecurityInfoByURLA
InternetReadFile
FtpPutFileEx
InternetCanonicalizeUrlA
InternetCrackUrlA
FtpPutFileW

gdi32

ScaleViewportExtEx
SetLayout
GetClipBox
GetEnhMetaFileDescriptionW
ExtTextOutA
ExtCreatePen
Rectangle
CreateDiscardableBitmap
StartDocA
OffsetWindowOrgEx
SetPixelFormat
FillRgn
GetObjectType
ChoosePixelFormat
GetStretchBltMode
GetRgnBox
GetViewportOrgEx
SetPixel
PaintRgn
GetAspectRatioFilterEx
SetTextColor
SetPixelV
CreateBitmap
OffsetRgn
SetTextAlign

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a6246877ca6f0007157ce6b3e45c26e

Headers

File Characteristics

Imports

comdlg32

kernel32

advapi32

wininet

gdi32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 7KB - Virtual size: 38KB

.data Size: 170KB - Virtual size: 170KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 7KB - Virtual size: 38KB

.data
Size: 170KB - Virtual size: 170KB

.rsrc
Size: 10KB - Virtual size: 9KB