e13aa2be2f214cb3f154fd9a2d4717bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e13aa2be2f214cb3f154fd9a2d4717bb_JaffaCakes118
Size

538KB
MD5

e13aa2be2f214cb3f154fd9a2d4717bb
SHA1

6de9bb94b4ddf77340c7dbe67a1a5db01d905c50
SHA256

8eadedf211c21240fa586b478cb8113c33d06b534abea1f9bebc3e8f53c38394
SHA512

5453c89d93be2f5cd707747babd1a6baa5862b70632f45503c2f2c69cf8c28a3263f152d5399dc08b5cc73829223c8db4d960d7d539ce92cd15f475b452b5811
SSDEEP

6144:DXD2+EI+cLjXCauxR3a8m+PIRWRbziJYGQ+vZstSURQoV9DMyDsf+8ZiKo+qASEE:DXIcLjShfc+aUbPhoqAUJS/U/nQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e13aa2be2f214cb3f154fd9a2d4717bb_JaffaCakes118

Files

e13aa2be2f214cb3f154fd9a2d4717bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b54b7eb4ff2b99a94059a5110cca7f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

RegisterClassA
ShowOwnedPopups
RegisterClassExA

comdlg32

ReplaceTextA
GetOpenFileNameW
PrintDlgW

wininet

InternetCombineUrlA
InternetCombineUrlW
InternetReadFileExW
FtpRenameFileA
GopherFindFirstFileA
FtpSetCurrentDirectoryW

kernel32

GetSystemTime
SetLastError
FlushFileBuffers
OpenMutexA
GetTickCount
QueryPerformanceCounter
RemoveDirectoryA
MultiByteToWideChar
GlobalGetAtomNameW
UnhandledExceptionFilter
GetCurrentProcess
InterlockedExchange
CloseHandle
GetStdHandle
GetOEMCP
SetFilePointer
GetCurrentThread
SetThreadContext
RaiseException
GetACP
GetCurrentProcessId
FreeEnvironmentStringsW
TerminateProcess
CopyFileA
WriteFile
TlsGetValue
GetStringTypeW
LoadModule
GetStartupInfoA
GetFileType
VirtualAlloc
SetHandleCount
GetTempFileNameA
LCMapStringA
GetProcAddress
SuspendThread
CreateMutexA
GetEnvironmentStrings
InterlockedDecrement
LeaveCriticalSection
LCMapStringW
LoadLibraryA
ReadFile
GetEnvironmentStringsW
CompareStringA
SetStdHandle
EnumResourceTypesW
GetLocalTime
HeapReAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
HeapDestroy
FreeEnvironmentStringsA
VirtualFree
OpenFile
HeapFree
ReadConsoleOutputAttribute
CompareStringW
HeapCreate
GetModuleFileNameA
GetCPInfo
VirtualQuery
GetCommandLineA
GetVersion
GetSystemDefaultLCID
HeapAlloc
RtlUnwind
IsBadWritePtr
GetCurrentThreadId
InitializeCriticalSection
TlsAlloc
GetStringTypeA
EnterCriticalSection
DeleteCriticalSection
GetLastError
ExitProcess
InterlockedIncrement
SetEnvironmentVariableA
WideCharToMultiByte
GetTimeZoneInformation
TlsFree
TlsSetValue

gdi32

GetDCOrgEx
OffsetRgn
GetObjectW
CreatePolygonRgn
CreateHatchBrush
PolyDraw
GetPixel
CloseFigure
ExtTextOutW
GetTextMetricsW
GdiSetBatchLimit
CloseEnhMetaFile
CreateMetaFileW

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b54b7eb4ff2b99a94059a5110cca7f2

Headers

File Characteristics

Imports

comctl32

user32

comdlg32

wininet

kernel32

gdi32

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 4KB - Virtual size: 35KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 4KB - Virtual size: 35KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 6KB - Virtual size: 5KB