Static task
static1
Behavioral task
behavioral1
Sample
dfd77cc1a7a20d20be8104365793b993_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dfd77cc1a7a20d20be8104365793b993_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: dfd77cc1a7a20d20be8104365793b993_JaffaCakes118
Size: 268KB
MD5: dfd77cc1a7a20d20be8104365793b993
SHA1: 5868cd4f9bfa9281d1403a625bfbc138460393a9
SHA256: 9e6268a41f11b7818d37c8677a42c64ea6f7f1af5e1c93f605510dd66462a7a6
SHA512: 7af29714e00b32d73d64512034b9e12a8a2ea84adcb4aa1cd0589e73d86300e168a27d78a099c6298c1f13a7c491e2669a6c19998485ca0d756a5847e570f3e9
SSDEEP: 6144:JRkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:JRg+allJ0LcKNyR3SM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dfd77cc1a7a20d20be8104365793b993_JaffaCakes118
Files
dfd77cc1a7a20d20be8104365793b993_JaffaCakes118.exe windows:4 windows x86 arch:x86
6557903e39eb0fff6caac64e75d141e1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
iphlpapi
GetAdaptersInfo
kernel32
GetACP
GetThreadLocale
RaiseException
CompareFileTime
WaitForSingleObject
GetModuleHandleA
lstrlenW
lstrlenA
FreeLibrary
MoveFileA
GetWindowsDirectoryA
CreateEventA
CopyFileExA
GetSystemDirectoryA
CreateDirectoryA
GetThreadPriority
GetCurrentThreadId
GetLocalTime
GetCurrentDirectoryA
CreateMutexA
lstrcpynA
GetShortPathNameA
lstrcmpiA
LocalFree
CopyFileA
FileTimeToSystemTime
RemoveDirectoryA
SystemTimeToFileTime
IsValidCodePage
IsBadCodePtr
IsValidLocale
GetUserDefaultLCID
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
GetSystemInfo
GetProcAddress
user32
CharPrevA
PostMessageA
MessageBoxA
CharUpperA
GetSystemMetrics
advapi32
IsTextUnicode
ImpersonateLoggedOnUser
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ole32
CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance
oleaut32
SysFreeString
VariantClear
SysAllocStringByteLen
SysAllocString
shlwapi
PathFileExistsA
PathRemoveFileSpecA
cryptui
CryptUIDlgSelectCA
CryptUIDlgViewContext
CryptUIWizQueryCertRequestNoDS
CryptUIDlgViewCertificateW
CryptUIGetViewSignaturesPagesW
CryptUIDlgSelectCertificateW
msident
DllCanUnloadNow
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.Y Size: 4KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MoKn Size: 2KB - Virtual size: 234KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fFqpwT Size: 512B - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.SD Size: 3KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.LdU Size: 116KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.FUMIG Size: 1024B - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.a Size: 2KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.f Size: 1024B - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ANRgVD Size: 97KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bi Size: 3KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ