de5c413691356dcf2a3aea5bc983c677_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de5c413691356dcf2a3aea5bc983c677_JaffaCakes118
Size

515KB
MD5

de5c413691356dcf2a3aea5bc983c677
SHA1

fa94db9ee81a647b8d4ec0f695b0d04ed2a401ee
SHA256

7428b0707caa522719c73abd50ab5f5f4a197b18c4d7fa74e5df2cb43f631699
SHA512

a34d6f87deb589415fd430ad9187cf9f4629b2d55da73e7ef42762cd28dd72f0c4cc0f7a6da6392536276e8f5f0d7c8189792d5cd94b561ce59425e9973bc189
SSDEEP

12288:G6J0DqhK5WbzG9zVbHPbBAikcVV9hP6MEDUU8mCxP7otnu1wl:BJhK5YKzVrylcVF6MEoVt0tu1w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de5c413691356dcf2a3aea5bc983c677_JaffaCakes118

Files

de5c413691356dcf2a3aea5bc983c677_JaffaCakes118
.exe windows:4 windows x86 arch:x86

388283017060d978aa4cd390b2088304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA

user32

LoadIconW
SetKeyboardState
SetCursor
RegisterClassExW
PostThreadMessageA
CreateWindowExA
UnionRect
DestroyCaret
SubtractRect
InvertRect
RegisterClassExA
CharLowerBuffA
DlgDirListComboBoxW
LoadIconA
VkKeyScanA
GetIconInfo
RegisterClassA
RemovePropW
GetMessageW
TranslateAcceleratorA
SetMessageExtraInfo
SetMenuContextHelpId
EnumDisplaySettingsExA
GetWindowLongW
BringWindowToTop

wininet

SetUrlCacheEntryInfoA
InternetConnectA
GetUrlCacheGroupAttributeW
InternetOpenW
GopherGetAttributeW
FindNextUrlCacheContainerA
InternetQueryDataAvailable

comctl32

InitCommonControlsEx

kernel32

ExitProcess
EnumSystemLocalesA
LoadLibraryA
TlsAlloc
GetStringTypeW
DeleteCriticalSection
GetLocaleInfoW
LCMapStringW
UnhandledExceptionFilter
TerminateProcess
SetLastError
SetEnvironmentVariableA
GetTimeZoneInformation
GetDriveTypeW
VirtualAlloc
SetHandleCount
WideCharToMultiByte
HeapSize
SetFilePointer
GetCurrentProcess
IsBadWritePtr
VirtualFree
TlsSetValue
FreeEnvironmentStringsA
HeapCreate
IsValidCodePage
GetModuleFileNameA
VirtualQuery
SetStdHandle
CompareStringA
CompareStringW
GetLocaleInfoA
GetStringTypeA
QueryPerformanceCounter
LeaveCriticalSection
GetDateFormatA
GetSystemTimeAsFileTime
ReadFile
GetLastError
TlsGetValue
FreeEnvironmentStringsW
GetCurrentThreadId
GetCommandLineW
OpenMutexA
GetStartupInfoW
CloseHandle
VirtualProtect
GetFileType
GetEnvironmentStrings
GetVersionExA
HeapAlloc
GetModuleFileNameW
GetSystemInfo
HeapFree
EnterCriticalSection
MultiByteToWideChar
GetACP
GetUserDefaultLCID
GetCurrentThread
HeapReAlloc
HeapDestroy
InterlockedExchange
GetStdHandle
GetProcAddress
GetOEMCP
InitializeCriticalSection
GetCurrentProcessId
FlushFileBuffers
TlsFree
GetTickCount
RtlUnwind
GetStartupInfoA
GetCPInfo
GetModuleHandleA
GetCommandLineA
IsValidLocale
LCMapStringA
ResetEvent
CreateMutexA
WriteFile
GetEnvironmentStringsW
GetTimeFormatA

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

388283017060d978aa4cd390b2088304

Headers

File Characteristics

Imports

comdlg32

user32

wininet

comctl32

kernel32

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 8KB - Virtual size: 27KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 8KB - Virtual size: 27KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 6KB - Virtual size: 6KB