d6a7e9020e0ab498ce976179453088d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6a7e9020e0ab498ce976179453088d3_JaffaCakes118
Size

482KB
MD5

d6a7e9020e0ab498ce976179453088d3
SHA1

e730c2921767a918f55f240fed105afc34ee90b2
SHA256

9d02cea7492f94cfc8a179a5583e626c2146c936c576ba8e94a8890c463e78da
SHA512

b6d06122204739fbee7c01124dc802114427139be1608d01c968789d6d8e96ef06a923193724238fc98d2141b1a7581b910349d9170fde46eab73e08ffb9ccca
SSDEEP

12288:8fFN8QJeQzQyDUss/ojuzpQuWEJzZOFFVOloQy7chE1i8eCa8bx:8fFbkIdDUss/ojuptWEJzZOF/eofYDCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6a7e9020e0ab498ce976179453088d3_JaffaCakes118

Files

d6a7e9020e0ab498ce976179453088d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

484d43d709e006b14bfc3d4f8935b2fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedStateExA
RunOnceUrlCache

kernel32

GetVersion
MoveFileA
CloseHandle
FlushFileBuffers
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
SetFilePointer
CompareStringW
SetSystemTime
GetCurrentProcess
ReadFile
GetLastError
GetModuleHandleA
LeaveCriticalSection
InitializeCriticalSection
CompareStringA
GetFileType
GetCurrentThread
GetACP
TlsAlloc
RaiseException
TlsGetValue
GetTimeFormatW
GetCurrentProcessId
GlobalCompact
GetStartupInfoA
WaitForMultipleObjects
ExpandEnvironmentStringsA
SetEndOfFile
EnumTimeFormatsW
DeleteAtom
GetProcessHeap
HeapDestroy
GetStringTypeA
GetTickCount
InterlockedExchange
CreateMutexA
TlsSetValue
SetLocalTime
FlushInstructionCache
LCMapStringA
GetStringTypeW
GetTimeZoneInformation
VirtualFree
ReadConsoleOutputCharacterW
InterlockedIncrement
GetCurrentThreadId
GetStdHandle
GetSystemTime
InterlockedDecrement
DeleteCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
GetLocalTime
GetProcAddress
SleepEx
GetModuleFileNameA
SetStdHandle
HeapValidate
IsBadWritePtr
VirtualAlloc
GetSystemTimeAsFileTime
HeapFree
SetHandleCount
HeapReAlloc
HeapAlloc
LoadLibraryA
OpenMutexA
GetDriveTypeA
lstrcmp
LCMapStringW
TlsFree
GetEnvironmentStringsW
TerminateProcess
RtlUnwind
EnterCriticalSection
WaitCommEvent
VirtualQuery
SetLastError
UnhandledExceptionFilter
WideCharToMultiByte
CommConfigDialogA
SetEnvironmentVariableA
WriteFile
GetCommandLineA
HeapCreate
ExitProcess
GetCPInfo

gdi32

CopyMetaFileA
DrawEscape
GetNearestColor
GetWorldTransform
CreateEnhMetaFileW
PolyBezierTo
EnumFontsA
SetEnhMetaFileBits
StretchDIBits
DeleteDC
CloseEnhMetaFile

comctl32

InitCommonControlsEx

user32

GetCapture
GetMonitorInfoA
LoadKeyboardLayoutA
GetWindowRect
SendMessageTimeoutW
RegisterClassA
DeleteMenu
SetScrollInfo
DdeNameService
GetAltTabInfo
GetUpdateRect
GetClassInfoA
GetGuiResources
DefDlgProcA
CopyAcceleratorTableW
MessageBoxA
GetInputState
EqualRect
ShowCaret
LoadAcceleratorsW
RegisterClassExA
GetDesktopWindow
BeginPaint
DdeConnect
RealChildWindowFromPoint

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

484d43d709e006b14bfc3d4f8935b2fb

Headers

File Characteristics

Imports

wininet

kernel32

gdi32

comctl32

user32

Sections

.text Size: 295KB - Virtual size: 295KB

.rdata Size: 64KB - Virtual size: 87KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 295KB - Virtual size: 295KB

.rdata
Size: 64KB - Virtual size: 87KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 20KB - Virtual size: 19KB