d4ab440b6e00bb37b4b1a6f4aba411e0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d4ab440b6e00bb37b4b1a6f4aba411e0_JaffaCakes118
Size

144KB
MD5

d4ab440b6e00bb37b4b1a6f4aba411e0
SHA1

c8ecfdc9525cc0267651e330364c08fcd517608f
SHA256

5412e344467fa471984e002cdc4e4df57820bdb0040d826506ab60f205c494f6
SHA512

82f3139678c48b85cad34c2706508e1f89cac46ada61d83ffb54721ad9c7f8d02c4c3991c941f8f56fcfdc94d717fc7f7d0b1a869dfbc9dd367df7a22d2d8192
SSDEEP

3072:SZbqv6XGNnE1kjCY6mnTXb6klU1TuTdCXOpDh/pidFe82:Ga6YsiDtXbHl8TydCXOV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ab440b6e00bb37b4b1a6f4aba411e0_JaffaCakes118

Files

d4ab440b6e00bb37b4b1a6f4aba411e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e29121ad9c13a89cc4c8f2d056083c13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetLocalTime
MoveFileExA
CreateFileA
GetModuleHandleA
GetDateFormatA
SizeofResource
SetSystemPowerState
FindNextFileA
GetCommandLineA
GetSystemTime
FindFirstFileA
CreateDirectoryA
CopyFileW
ResetEvent
VirtualFree
VirtualProtect
VirtualAlloc
GetProfileStringW
lstrcmpA
GetWindowsDirectoryA
InterlockedCompareExchange
WaitForMultipleObjects
DeleteFileA
FindFirstChangeNotificationA
CopyFileA
GetTempPathA
FindClose
GetFileAttributesA
GetStartupInfoA

comdlg32

GetFileTitleA
ChooseFontA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
ReplaceTextA

shlwapi

PathFindFileNameA
PathAddBackslashA
PathStripToRootA

ole32

OleCreate
StgCreateDocfile
CoSuspendClassObjects
CoUninitialize
OleSetContainedObject
CoInitialize

comctl32

ImageList_LoadImageA
ord6
CreateToolbarEx
ImageList_Add
DestroyPropertySheetPage
ImageList_SetOverlayImage
ord17
ImageList_Destroy

wininet

HttpQueryInfoA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestA
InternetConnectA
HttpOpenRequestA
InternetCloseHandle
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetOpenA
InternetOpenUrlA

msvcrt

_XcptFilter
_controlfp
free
_except_handler3
__set_app_type
malloc
_exit
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e29121ad9c13a89cc4c8f2d056083c13

Headers

File Characteristics

Imports

kernel32

comdlg32

shlwapi

ole32

comctl32

wininet

msvcrt

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 40KB - Virtual size: 449KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 40KB - Virtual size: 449KB

.rsrc
Size: 4KB - Virtual size: 2KB