ea5c304736782e9c69b6a7af88abc174_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea5c304736782e9c69b6a7af88abc174_JaffaCakes118
Size

264KB
MD5

ea5c304736782e9c69b6a7af88abc174
SHA1

7c2dac1d95303c32c6253cb760128b6ff2509d0c
SHA256

76f1fe55a209ddd1251831bc36742772acf0df5b8f15dd8431cbb75b762f0de8
SHA512

7d18dec9d86bec2a58f62581ef4c4ecc264c6000ea5a5f041e6c71a82bc78bb2dee870ae6917271192ffc1dfd050dfc9897860b301bf6e7a982f2453824d4ce7
SSDEEP

6144:TtxAfLVSv0V2r5H2IlXu/naIdVTBoYUwgwxJ0BjjXqWbKL:TiLV38dl9IdVT6LwglqWbY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea5c304736782e9c69b6a7af88abc174_JaffaCakes118

Files

ea5c304736782e9c69b6a7af88abc174_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3608176409eb8b0ada6d0053bf8e3b93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
VirtualAlloc
RaiseException
Sleep
DeleteFileA
GetFileAttributesA
VirtualProtect
GetFullPathNameA
CloseHandle
CreateProcessA
GetCommandLineA
MoveFileA
SetFileAttributesA
lstrcpyA
FindClose
FindFirstFileA
GetModuleFileNameA
ExitProcess
CopyFileA
lstrlenA
lstrcpynA
WriteFile
lstrcmpiA
SetErrorMode
GetCurrentDirectoryA
CreateThread
ResumeThread
SetEvent
TerminateThread
SetThreadPriority
GetCurrentThread
WaitForSingleObject
ReleaseMutex
ResetEvent
GetPrivateProfileStringA
lstrcatA
MapViewOfFile
CreateFileMappingA
CreateDirectoryA
UnmapViewOfFile
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
ReadFile
SetFilePointer
GetModuleHandleA
GetFileSize
FlushFileBuffers
SetEndOfFile
InterlockedIncrement
InterlockedDecrement
SetLastError
GetDiskFreeSpaceA
GetVersionExA
GetCurrentProcess
MulDiv
GetLastError
CreateMutexA
VirtualFree
GetStdHandle
GetEnvironmentVariableA
GlobalFree
SuspendThread
CreateEventA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
CreateFileA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetVersion
GetStartupInfoA
CompareStringW
HeapDestroy
HeapCreate
RtlUnwind
MultiByteToWideChar
GetCPInfo
CompareStringA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetACP
GetOEMCP

user32

FindWindowExA
DispatchMessageA
SystemParametersInfoA
SendMessageA
DestroyAcceleratorTable
GetMessageA
TranslateAcceleratorA
TranslateMessage
LoadStringA
GetSystemMenu
CreateMenu
AppendMenuA
InsertMenuA
DeleteMenu
DestroyMenu
PostQuitMessage
LoadImageA
RegisterClassExA
wsprintfA
AdjustWindowRect
CreateWindowExA
GetClientRect
CreateAcceleratorTableA
GetDC
ReleaseDC
ShowWindow
GetWindowTextA
MessageBoxIndirectA
EndDialog
DialogBoxParamA
SetWindowTextA
EnableWindow
SetForegroundWindow
DefWindowProcA
DestroyWindow
GetAsyncKeyState
GetDlgItem

gdi32

GetStockObject
CreateFontIndirectA
GetDeviceCaps
EnumFontFamiliesExA
DeleteObject

wininet

FtpSetCurrentDirectoryA
InternetOpenA
InternetOpenUrlA
InternetQueryOptionA
FtpFindFirstFileA
InternetFindNextFileA
FtpOpenFileA
InternetReadFile
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetCloseHandle

comctl32

InitCommonControlsEx

shell32

ShellExecuteA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hunxhsv
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3608176409eb8b0ada6d0053bf8e3b93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

wininet

comctl32

shell32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 22KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 32KB

hunxhsv Size: 72KB - Virtual size: 72KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 22KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 32KB

hunxhsv
Size: 72KB - Virtual size: 72KB