d508d71e5b20369d15498ecfe45c26fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d508d71e5b20369d15498ecfe45c26fe_JaffaCakes118
Size

147KB
MD5

d508d71e5b20369d15498ecfe45c26fe
SHA1

2523f81968823af44f41a7a0d3fc16901b7ed078
SHA256

054d9d0baffa7d85bff33698b13843a6d148936ccc41b3496bcd0a46365f7338
SHA512

4903967764b7c29adb32dcd6af8e5919dc2a7371e7d487fa9f83b22a2bb39e4850356069260c2a5a356e7f7e2ac76a6b8939f66a112547bf73e621f999df285c
SSDEEP

1536:bE1sipyMOAyFmCck9teWGJGxAB42su01tbhafzWlumhuFccLgdSSsWjcdwdfQ2io:+hzM0pw64h1qWQpgowdI25YHkskE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d508d71e5b20369d15498ecfe45c26fe_JaffaCakes118

Files

d508d71e5b20369d15498ecfe45c26fe_JaffaCakes118
.exe windows:6 windows x86 arch:x86

e94c92ee8432bf4fa8fb04e88ec44dfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\temp\Win32Project1\Release\Win32Project1.pdb

Imports

kernel32

GetLastError
Sleep
WaitForSingleObject
ReleaseMutex
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
CreateFileW
CloseHandle
GetVolumeInformationA
GetModuleFileNameW
DeleteFileW
lstrlenW
CreateThread
CreateMutexW
WriteConsoleW
SetStdHandle
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
HeapReAlloc
LoadLibraryExW
RtlUnwind
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetStartupInfoW
GetFileType
GetStdHandle
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapSize
GetProcAddress
FlushFileBuffers
GetModuleHandleExW
ExitProcess
HeapAlloc
HeapFree
RaiseException
EncodePointer
DecodePointer
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent

user32

MoveWindow
InvalidateRect
UpdateWindow
GetMessageW
DispatchMessageW
LoadCursorW
GetSystemMetrics
DestroyWindow
CreateWindowExW
GetWindowRect
FindWindowW
PostMessageW
EndPaint
BeginPaint
PostQuitMessage
RegisterClassW
DefWindowProcW

shell32

SHGetFolderPathW
ShellExecuteA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

wininet

HttpSendRequestW
InternetOpenW
HttpOpenRequestW
InternetConnectW
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
HttpQueryInfoW

shlwapi

ord12

gdiplus

GdipFree
GdipAlloc
GdipDeleteBrush
GdipCloneBrush
GdipCreateSolidFill
GdipDisposeImage
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipScaleWorldTransform
GdipGraphicsClear
GdipDrawString
GdipDrawImageI
GdipDrawImageRectI
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCloneImage
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdiplusStartup
GdipGetImageHeight

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e94c92ee8432bf4fa8fb04e88ec44dfd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

ole32

wininet

shlwapi

gdiplus

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 5KB - Virtual size: 17KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 5KB - Virtual size: 17KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 6KB - Virtual size: 5KB