d255b46285545defbe0e7520cd099578_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d255b46285545defbe0e7520cd099578_JaffaCakes118
Size

391KB
MD5

d255b46285545defbe0e7520cd099578
SHA1

9f6ec94e9774b07d175d08c4b63291b7153779c7
SHA256

0e03a499b80083a3ac29718fff069559e0d9c6b8f2ab0435ae4e761237bf0431
SHA512

5368dcf52b7a811ed02b38a849667355ca14094015bfb1f45e906c5ad308a1a8b729b2ebd9bd5dba96d467798f6c52bd3e389b1130f4e5cf7980869ed2c155ce
SSDEEP

12288:VisEl/M39CKaRApMLcAweu2RPL6ZaJc47/:V1CR2vAw7mPeZor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d255b46285545defbe0e7520cd099578_JaffaCakes118

Files

d255b46285545defbe0e7520cd099578_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ea9e7e2422a32d83f26d31f8cd94263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
FindNextFileW
TlsSetValue
GetTimeFormatA
RtlUnwind
GetVersion
GetCurrencyFormatW
GetCurrentProcess
GetLastError
VirtualAlloc
WriteFile
TlsFree
HeapReAlloc
GetCurrentThread
SuspendThread
GetCommandLineW
EnumSystemCodePagesW
VirtualFree
GetModuleFileNameA
GetFullPathNameW
GetStdHandle
ExitProcess
FreeEnvironmentStringsA
GetStartupInfoW
InitializeCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameW
SetLocaleInfoW
MultiByteToWideChar
QueryPerformanceCounter
lstrcatA
SetLastError
WriteConsoleOutputA
VirtualQuery
GetCurrentThreadId
WaitCommEvent
HeapAlloc
GetEnvironmentStringsW
HeapFree
LoadModule
TerminateProcess
GetCurrentProcessId
LocalShrink
HeapCreate
GetStartupInfoA
SetFileAttributesA
LeaveCriticalSection
CloseHandle
FreeEnvironmentStringsW
HeapDestroy
ContinueDebugEvent
TlsAlloc
UnhandledExceptionFilter
FindClose
GetUserDefaultLangID
GetModuleHandleA
GetPrivateProfileStringW
EnterCriticalSection
GetProcessHeaps
ReadFile
GetFileType
SetEnvironmentVariableA
DeleteFiber
SetStdHandle
IsBadWritePtr
GetProcAddress
GetCommandLineA
GetEnvironmentStrings
GetDateFormatW
TlsGetValue
InterlockedExchange
SetHandleCount

wininet

FtpCommandW
FtpGetFileSize
SetUrlCacheConfigInfoW

gdi32

EndPage
DescribePixelFormat
SetICMMode
CreateEnhMetaFileA
ScaleViewportExtEx
GetCharWidthFloatA
GetRasterizerCaps
BitBlt
GetObjectType
DeleteEnhMetaFile
SetDIBColorTable
EnableEUDC
GetGraphicsMode
EnumEnhMetaFile
CopyEnhMetaFileW
SetWindowOrgEx
SelectPalette
GetCharWidth32A
AddFontResourceW
CreateFontW

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ea9e7e2422a32d83f26d31f8cd94263

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

Sections

.text Size: 115KB - Virtual size: 115KB

.data Size: 271KB - Virtual size: 279KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 115KB - Virtual size: 115KB

.data
Size: 271KB - Virtual size: 279KB

.rsrc
Size: 3KB - Virtual size: 3KB