db725b626755070ecb2ffd1d299b20e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db725b626755070ecb2ffd1d299b20e6_JaffaCakes118
Size

369KB
MD5

db725b626755070ecb2ffd1d299b20e6
SHA1

829b9b200f5a6e1106353928bb133036bac81ede
SHA256

f1adf4c78be9db69c961faa4ed9c711da2d3b5be4d151c2d336a728f24443815
SHA512

c77b6f66e59b761fe9fa2336192825eb00f0e8faa4d315b014c1ba130933c88b2e1bec06b0fee32f9c8ff2b0a9d9b07bc8afcdce0c774c95fba7b545659c80ed
SSDEEP

6144:wNDuJyd0HUhS1xUoKf+NrXzY4H6xRnpCYOF3HjTr/n45Qdgo/fx0qEqC4qyLYaOa:o0HKScoN4RnpDOFzTD4kV/fxNC4j7OZ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db725b626755070ecb2ffd1d299b20e6_JaffaCakes118

Files

db725b626755070ecb2ffd1d299b20e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1627b66cf1e3791035cdad9ab92c31f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheGroupAttributeA
FindCloseUrlCache
ShowSecurityInfo
FindFirstUrlCacheContainerA
InternetQueryFortezzaStatus
InternetShowSecurityInfoByURL
InternetSetFilePointer
SetUrlCacheEntryGroupW

user32

InvertRect
SetScrollInfo
RegisterClassA
GetWindowModuleFileNameW
GetDlgItem
GetMenuCheckMarkDimensions
RegisterClassExA
MapVirtualKeyA
GetWindowTextA
GetCaretBlinkTime
GetCaretPos
GetMenuItemInfoW
SetWindowLongW
InsertMenuItemW
SetClassWord
SetDlgItemInt
SetShellWindow
EnumChildWindows
SetKeyboardState
GetKeyboardLayoutNameA
CopyAcceleratorTableA
LoadIconA

shell32

SheSetCurDrive

advapi32

CryptDeriveKey
CryptGetProvParam
CryptGetDefaultProviderA
CryptSignHashW
RegOpenKeyExW
RegConnectRegistryA
CryptGetKeyParam
CryptHashSessionKey

kernel32

GetCurrentProcess
GetTickCount
GetCPInfo
GetProcAddress
WriteFile
HeapValidate
GetCurrentProcessId
SetFilePointer
CreateMutexA
HeapReAlloc
HeapAlloc
TlsGetValue
IsValidCodePage
SetStdHandle
TerminateProcess
LCMapStringW
GetLocaleInfoW
GetEnvironmentStringsW
GetStringTypeW
EnterCriticalSection
GetOEMCP
CompareStringW
SetConsoleActiveScreenBuffer
TlsSetValue
GetDateFormatA
CompareStringA
GetTimeZoneInformation
HeapFree
GetCurrentThread
GetStdHandle
MultiByteToWideChar
GetSystemInfo
GetACP
GetVolumeInformationW
GetFileAttributesExW
OpenMutexA
WideCharToMultiByte
SetEnvironmentVariableA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
RtlUnwind
HeapCreate
HeapDestroy
VirtualProtect
GetVersionExA
GetModuleFileNameA
LCMapStringA
VirtualAlloc
SetLastError
GetLocaleInfoA
QueryPerformanceCounter
ReadFile
GetModuleHandleA
TransactNamedPipe
GetCurrentThreadId
DeleteCriticalSection
FindAtomA
TlsFree
GetStringTypeA
VirtualQuery
IsValidLocale
GetTimeFormatA
FreeEnvironmentStringsA
HeapSize
GetEnvironmentStrings
SetUnhandledExceptionFilter
GetCommandLineA
CloseHandle
LoadLibraryA
AddAtomW
TlsAlloc
UnhandledExceptionFilter
IsBadWritePtr
FreeResource
InitializeCriticalSection
SetHandleCount
ExitProcess
GetFileType
FlushFileBuffers
InterlockedExchange
VirtualFree
CreateFileW
GetStartupInfoA
EnumSystemLocalesA
LeaveCriticalSection
GetUserDefaultLCID
GetLastError

comctl32

InitCommonControlsEx

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1627b66cf1e3791035cdad9ab92c31f

Headers

File Characteristics

Imports

wininet

user32

shell32

advapi32

kernel32

comctl32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 8KB - Virtual size: 38KB

.data Size: 206KB - Virtual size: 206KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 8KB - Virtual size: 38KB

.data
Size: 206KB - Virtual size: 206KB

.rsrc
Size: 6KB - Virtual size: 6KB