d239d4bca32cbd5efc429a352c74ca29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d239d4bca32cbd5efc429a352c74ca29_JaffaCakes118
Size

473KB
MD5

d239d4bca32cbd5efc429a352c74ca29
SHA1

7324a5a52ce4d650f1cd32f13ecf4d6e3842dd51
SHA256

da274067db72621ad38cefb2e841c1fb1836e98bfb983c4bda7bd732698faf09
SHA512

8bbb3a374dfb643ce84ff540cdebbd714d960d8b978d2c4650fa09599b5d31a805225f44b8dc1f73ea913c6a1ed59a6afae12e0df637bb3f63eb41bcc8c0dc49
SSDEEP

12288:o5Hbd90dvkdKZbHkDbhMI7i3/r5tVynLjk+:o5HZ90dvkdKK2hVtAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d239d4bca32cbd5efc429a352c74ca29_JaffaCakes118

Files

d239d4bca32cbd5efc429a352c74ca29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7f33b3d387bd002c1b84974f1aebb75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
PageSetupDlgW

wininet

InternetInitializeAutoProxyDll
FtpGetFileW
InternetFindNextFileA
FindNextUrlCacheGroup
GopherFindFirstFileA
InternetSetDialStateA
HttpOpenRequestW

shell32

SHAppBarMessage
SHGetFileInfoA
SHGetPathFromIDListW

advapi32

RegFlushKey
CryptSignHashA
RegSetValueA

kernel32

SetEnvironmentVariableA
SetConsoleCtrlHandler
GetEnvironmentStringsW
CompareStringA
GetStringTypeW
IsValidLocale
GetLastError
LCMapStringW
GetLocaleInfoW
WideCharToMultiByte
Sleep
IsValidCodePage
GetTickCount
WriteFile
GetACP
TlsGetValue
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedIncrement
TlsFree
CompareStringW
GetCurrentThreadId
RtlUnwind
GetStdHandle
HeapCreate
HeapSize
GetModuleFileNameA
GetStartupInfoA
TlsAlloc
GetCurrentProcessId
GetStringTypeA
GetTimeZoneInformation
QueryPerformanceCounter
IsDebuggerPresent
GetCurrentThread
VirtualFree
GetUserDefaultLCID
GetStartupInfoW
TerminateProcess
GetDateFormatA
InterlockedDecrement
MultiByteToWideChar
InterlockedExchange
LoadLibraryA
GetCurrentProcess
HeapFree
HeapAlloc
GetCommandLineA
GetLocaleInfoA
FreeEnvironmentStringsA
VirtualQuery
HeapDestroy
GetFileType
LCMapStringA
HeapReAlloc
ExitProcess
InitializeCriticalSection
GetEnvironmentStrings
SetUnhandledExceptionFilter
GetConsoleScreenBufferInfo
EnterCriticalSection
FreeLibrary
SetHandleCount
EnumSystemLocalesA
GetProcessHeap
GetModuleHandleA
GetModuleFileNameW
VirtualAlloc
GetTimeFormatA
SetLastError
GetCPInfo
TlsSetValue
DeleteCriticalSection
LeaveCriticalSection
GetCommandLineW
GetOEMCP
GetProcAddress
GetVersionExA
UnhandledExceptionFilter

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7f33b3d387bd002c1b84974f1aebb75

Headers

File Characteristics

Imports

comdlg32

wininet

shell32

advapi32

kernel32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 8KB - Virtual size: 33KB

.data Size: 282KB - Virtual size: 282KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 8KB - Virtual size: 33KB

.data
Size: 282KB - Virtual size: 282KB

.rsrc
Size: 12KB - Virtual size: 12KB