d3b36bd6b226f0af4027ad3ade3ac605_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3b36bd6b226f0af4027ad3ade3ac605_JaffaCakes118
Size

491KB
MD5

d3b36bd6b226f0af4027ad3ade3ac605
SHA1

c4a4b56a2e9881892b9d23073981170fc9825909
SHA256

19cb6237efb070fd87b0345ecbcdb45fd4d500ec9b77d8439c1062abbd338157
SHA512

eab03e7f83a23a0f9bcbfe71afb1287806114c14bccf5d5fdf160e18a78f2fe435acceb68f71eb357eee0cb164109e7bbdc243fa0d2c02f2c7348021ad8652c4
SSDEEP

12288:wxjOuvyTAp6EKghYeF3ktsxblSeN9GUzvGp9w/D:8jOcy8MEKghFZpoeiUDGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3b36bd6b226f0af4027ad3ade3ac605_JaffaCakes118

Files

d3b36bd6b226f0af4027ad3ade3ac605_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4a055c78b7af602480416df128616dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetColorAdjustment
SetDIBits
GetStretchBltMode
SetDIBitsToDevice
PolyBezierTo
SetWindowExtEx
SetPaletteEntries
DeleteMetaFile
GetTextExtentPointA
CreateMetaFileW
SetTextJustification
GetICMProfileA

kernel32

GetModuleFileNameW
GetUserDefaultLCID
GetModuleFileNameA
LocalFileTimeToFileTime
InitializeCriticalSection
GetCommandLineW
GetSystemTimeAsFileTime
lstrlen
VirtualFree
GetStdHandle
GetStringTypeA
InterlockedDecrement
SetHandleCount
TlsAlloc
EnterCriticalSection
FreeEnvironmentStringsW
CompareStringW
GetProcessHeap
VirtualAlloc
GetModuleHandleA
SetSystemTime
HeapDestroy
MultiByteToWideChar
GetFileType
GetEnvironmentStrings
SetConsoleCursorInfo
GetEnvironmentStringsW
SetComputerNameA
CompareStringA
IsDebuggerPresent
HeapReAlloc
GetDateFormatA
EnumDateFormatsA
UnhandledExceptionFilter
TlsSetValue
LoadLibraryA
GetACP
MapViewOfFile
WideCharToMultiByte
GetTimeZoneInformation
GetCommandLineA
GetProcAddress
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetSystemInfo
ExitProcess
lstrcmpiW
VirtualQuery
HeapCreate
GetCurrentProcessId
InterlockedIncrement
TerminateProcess
InterlockedExchange
GetCurrentThread
HeapAlloc
FreeEnvironmentStringsA
IsValidCodePage
TlsGetValue
GetTimeFormatA
SetLastError
EnumSystemLocalesA
GetCurrentProcess
Sleep
IsValidLocale
RtlUnwind
GetLastError
HeapSize
GetStartupInfoW
GetStringTypeExA
LCMapStringW
GetStartupInfoA
QueryPerformanceCounter
FreeLibrary
GetLocaleInfoA
GetVersionExA
GetCurrentThreadId
GetProfileSectionA
WriteFile
DeleteCriticalSection
GetStringTypeW
SetConsoleCtrlHandler
GlobalHandle
GetConsoleTitleW
GetTickCount
GlobalGetAtomNameW
HeapFree
LeaveCriticalSection
GetCPInfo
TlsFree
GetLocaleInfoW
SetConsoleActiveScreenBuffer
GetOEMCP
LCMapStringA

wininet

InternetConfirmZoneCrossing
FreeUrlCacheSpaceW
SetUrlCacheEntryGroup
InternetCloseHandle
InternetConnectA
FtpCommandA
RetrieveUrlCacheEntryFileA
InternetLockRequestFile
RunOnceUrlCache

advapi32

RegFlushKey
RegOpenKeyExA
CryptGetKeyParam
DuplicateTokenEx
RegEnumKeyExW

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 287KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4a055c78b7af602480416df128616dc

Headers

File Characteristics

Imports

gdi32

kernel32

wininet

advapi32

Sections

.text Size: 187KB - Virtual size: 187KB

.rdata Size: 9KB - Virtual size: 39KB

.data Size: 287KB - Virtual size: 286KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 187KB - Virtual size: 187KB

.rdata
Size: 9KB - Virtual size: 39KB

.data
Size: 287KB - Virtual size: 286KB

.rsrc
Size: 6KB - Virtual size: 6KB