db7a079596b3b5ebac34da46551de83d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db7a079596b3b5ebac34da46551de83d_JaffaCakes118
Size

504KB
MD5

db7a079596b3b5ebac34da46551de83d
SHA1

603422db829b8e90b9b7dc8d870162fc593b1333
SHA256

ed6873edf8c142a4c7acdf0e3ede30b199ab056811e918f1065180101b9721e3
SHA512

2596bd1be2c463b4f4e6508a08d10836c1446411b100c261fcfdc05c4da3bc8340c41e60ebe85b781b06a4e7056f13aa9fa0a375e50a4b41e9e3ac5708414b9a
SSDEEP

12288:RZfpLIXNIToLumxokXDbJltfXrsEn3K6ZT:3fRIq0LBakXJltfXrvaE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db7a079596b3b5ebac34da46551de83d_JaffaCakes118

Files

db7a079596b3b5ebac34da46551de83d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

168e0e842a1001cbd32a2d5439dffee6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
GetSaveFileNameA

kernel32

GetConsoleOutputCP
LCMapStringW
GetTimeZoneInformation
GetACP
VirtualQueryEx
GetEnvironmentStrings
GetStartupInfoW
IsValidLocale
ExitProcess
OpenFile
EnterCriticalSection
GetTimeFormatA
DeleteCriticalSection
GetCPInfo
SetEnvironmentVariableA
GetUserDefaultLCID
SetLastError
GetStdHandle
OpenWaitableTimerW
RtlUnwind
SetStdHandle
IsValidCodePage
InterlockedDecrement
GetConsoleMode
SetUnhandledExceptionFilter
GetProfileStringA
EnumSystemLocalesW
Sleep
UnhandledExceptionFilter
MultiByteToWideChar
FindAtomA
CreateMutexA
GetStartupInfoA
VirtualQuery
VirtualFree
GetFileType
HeapSize
InitializeCriticalSection
GetStringTypeW
HeapFree
SetConsoleMode
IsDebuggerPresent
GetModuleFileNameW
GetLocaleInfoW
ReadFile
VirtualAlloc
GetVersionExA
CreateFileA
GetCommandLineW
GetProcAddress
InterlockedIncrement
TlsFree
GetCurrentProcessId
GetOEMCP
GetCurrentThread
WriteConsoleA
GetTickCount
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
FreeLibrary
FreeEnvironmentStringsA
CompareStringW
WriteConsoleW
HeapCreate
GetEnvironmentStringsW
InterlockedExchange
WritePrivateProfileSectionA
HeapAlloc
HeapReAlloc
EnumSystemLocalesA
GetDateFormatA
CreateFileW
LoadLibraryA
QueryPerformanceCounter
LCMapStringA
GetConsoleCP
SetFilePointer
SetHandleCount
GetCommandLineA
GetModuleFileNameA
LeaveCriticalSection
GetModuleHandleA
GetLocaleInfoA
FreeEnvironmentStringsW
GetCurrentProcess
HeapDestroy
OpenMutexA
GetCurrentThreadId
TlsSetValue
WriteFile
SetWaitableTimer
TerminateProcess
WideCharToMultiByte
WaitNamedPipeA
TlsAlloc
CloseHandle
GetStringTypeA
GetProcessHeap
CompareStringA
FlushFileBuffers
TlsGetValue
GetLastError

user32

SetDlgItemTextW
LoadImageW
SetSysColors
MenuItemFromPoint
CheckRadioButton
GetInputDesktop
RegisterClassA
GetKeyboardLayout
DlgDirSelectExA
SetCursorPos
InsertMenuItemA
UnloadKeyboardLayout
FindWindowA
CreateIconFromResource
GetWindowContextHelpId
ShowCaret
UnhookWinEvent
RegisterClassExA
ScrollWindow
InternalGetWindowText
BeginPaint
BlockInput
CharPrevA
GetMenuDefaultItem

wininet

FindFirstUrlCacheEntryExW
SetUrlCacheEntryInfoW
CommitUrlCacheEntryW
InternetFindNextFileW
RetrieveUrlCacheEntryStreamA
ShowClientAuthCerts
ResumeSuspendedDownload
UpdateUrlCacheContentPath

gdi32

WidenPath
GetTextExtentPoint32W
GetTextExtentPointW
GetEnhMetaFileHeader
CreateBrushIndirect
GetAspectRatioFilterEx
ExtTextOutW
CloseMetaFile

shell32

ExtractAssociatedIconExW
ExtractIconExA
ExtractAssociatedIconExA
ExtractIconExW
DoEnvironmentSubstW

comctl32

InitCommonControlsEx

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

168e0e842a1001cbd32a2d5439dffee6

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

wininet

gdi32

shell32

comctl32

Sections

.text Size: 167KB - Virtual size: 166KB

.rdata Size: 10KB - Virtual size: 33KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 167KB - Virtual size: 166KB

.rdata
Size: 10KB - Virtual size: 33KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 11KB - Virtual size: 11KB