d3c56d0911e24b220f5fe86dde623af1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3c56d0911e24b220f5fe86dde623af1_JaffaCakes118
Size

470KB
MD5

d3c56d0911e24b220f5fe86dde623af1
SHA1

a1b4f645741904d78908852893a1dbfadb131926
SHA256

c856440d88071e9cff664cbe318bb03fbd3124832e3d7283c2b3b3df806cb71e
SHA512

5f824ab0d60bb713772fd5b2b63e2905ab2a238275aa219978bfe1f20022f9aa6c351df3038b689ac2800c55d51fb67b08d6f38e92bd077ce1b30dad468b2242
SSDEEP

12288:50v5GT+phnteyt0qu24eBehlWbAczIV5WCreHTZDt:5uY6xek03SMlGjIV5WCCl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c56d0911e24b220f5fe86dde623af1_JaffaCakes118

Files

d3c56d0911e24b220f5fe86dde623af1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a600594c8584451c744c1af7ac286a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntry
InternetQueryOptionA
SetUrlCacheEntryGroupA
InternetOpenUrlW
InternetSetCookieW

kernel32

GetDateFormatA
GetFileType
GetStdHandle
InitializeCriticalSection
GetStringTypeW
FreeEnvironmentStringsA
RtlUnwind
TlsAlloc
VirtualAlloc
lstrcmpiA
LCMapStringA
GetTickCount
HeapDestroy
IsBadWritePtr
HeapValidate
TlsFree
GetTimeZoneInformation
SetHandleCount
IsValidCodePage
IsValidLocale
GetSystemTimeAsFileTime
GetACP
GetModuleFileNameW
CloseHandle
WideCharToMultiByte
TlsGetValue
ExitProcess
GetLocaleInfoW
GetLocaleInfoA
GetCommandLineW
GetStringTypeA
GetModuleHandleA
VirtualProtect
GetProcAddress
CompareStringW
GetCPInfo
DebugBreak
IsBadReadPtr
VirtualQuery
GetCurrentProcess
DosDateTimeToFileTime
GetStartupInfoW
WaitNamedPipeA
GetModuleFileNameA
GetLastError
QueryPerformanceCounter
CompareStringA
VirtualFree
LoadLibraryA
UnhandledExceptionFilter
LeaveCriticalSection
InterlockedExchange
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedDecrement
GetEnvironmentStringsW
WriteFile
HeapCreate
SetEnvironmentVariableA
GetStartupInfoA
MultiByteToWideChar
GetEnvironmentStrings
GetCurrentThread
GetCommandLineA
GetVersionExA
HeapFree
SetStdHandle
OutputDebugStringA
GetUserDefaultLCID
DeleteCriticalSection
TlsSetValue
GetCurrentProcessId
GetCurrentThreadId
HeapAlloc
WriteConsoleOutputA
GetOEMCP
TerminateProcess
CreateFileMappingW
GetTimeFormatA
LCMapStringW
GetSystemInfo
EnumSystemLocalesA
FlushFileBuffers
HeapReAlloc
SetFilePointer
EnumResourceLanguagesA
InterlockedIncrement
SetLastError
lstrlenW
FreeEnvironmentStringsW

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a600594c8584451c744c1af7ac286a1

Headers

File Characteristics

Imports

wininet

kernel32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 11KB - Virtual size: 23KB

.data Size: 287KB - Virtual size: 287KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 11KB - Virtual size: 23KB

.data
Size: 287KB - Virtual size: 287KB

.rsrc
Size: 2KB - Virtual size: 1KB