ea9d0f880193ca58b47d145b2cc745fc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea9d0f880193ca58b47d145b2cc745fc_JaffaCakes118
Size

628KB
MD5

ea9d0f880193ca58b47d145b2cc745fc
SHA1

a3aa2a24004f14dcb405daa06467643879551691
SHA256

b0746c70eb875186820f612b175dee0657b0993b0fc3443c52deef68496b11a0
SHA512

84802466584e17ae7ea85a0fd1e0927a179efd6513ed2b7aecca663ad344376caff451801799d6409e0dce821680ae7f5f40e721c5ed3298ee91c08f6c6dffc6
SSDEEP

12288:cVpZ/c46cfdS4EEK34mgyDzVc4lcn2V4KZHjw+Q:cPZ/c4jfdS4ElIyDznlKe4KZHj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea9d0f880193ca58b47d145b2cc745fc_JaffaCakes118

Files

ea9d0f880193ca58b47d145b2cc745fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59cb44d336bda79b93ef8a046e35aeee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetStringTypeW
CreateMutexA
CloseHandle
SetCriticalSectionSpinCount
lstrcpyA
OpenMutexA
GetTimeFormatA
GetLastError
WriteConsoleW
GetCPInfo
VirtualQuery
MultiByteToWideChar
SetHandleCount
GetDateFormatA
QueryPerformanceCounter
GetCurrentThread
GetEnvironmentStringsW
SetConsoleOutputCP
DeleteCriticalSection
GetStdHandle
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetEnvironmentStrings
TlsFree
Sleep
VirtualFree
GetConsoleMode
InitializeCriticalSectionAndSpinCount
TlsSetValue
FlushFileBuffers
IsDebuggerPresent
GetConsoleCP
WriteConsoleA
SetLastError
ExitProcess
GetFileType
SetStdHandle
GetACP
GetUserDefaultLCID
CreateFileA
GetSystemTimeAsFileTime
InterlockedDecrement
WriteFile
InterlockedExchange
IsValidCodePage
GetCurrentThreadId
TlsAlloc
GetLocaleInfoW
FreeEnvironmentStringsA
GetCommandLineA
HeapDestroy
WideCharToMultiByte
HeapCreate
GetOEMCP
lstrcmpi
GetConsoleOutputCP
GetStringTypeA
VirtualAlloc
HeapSize
EnumSystemLocalesA
GetCurrentProcessId
LCMapStringW
GetLocaleInfoA
TlsGetValue
SetConsoleCtrlHandler
GetConsoleTitleA
GetStartupInfoA
HeapAlloc
LoadLibraryA
CompareStringW
GetTickCount
EnterCriticalSection
IsValidLocale
SetEnvironmentVariableA
FreeLibrary
GetModuleHandleA
LeaveCriticalSection
WaitNamedPipeA
HeapFree
GetModuleFileNameA
GetProcessHeap
HeapReAlloc
ReadFile
GetCurrentProcess
UnhandledExceptionFilter
GetTimeZoneInformation
TerminateProcess
RtlUnwind
LCMapStringA
CompareStringA
GetModuleHandleW
SetFilePointer
InterlockedIncrement

shell32

SHGetPathFromIDListW
SheGetDirA
CheckEscapesW

user32

CreateDialogParamW
BlockInput
CreateDialogParamA
CharNextW
RegisterClassExA
SetMenu
FlashWindow
LoadMenuA
RegisterClassA
CreateCaret
GetMenuBarInfo
WaitMessage
EnumWindows
ChangeDisplaySettingsA
GetClientRect
OpenClipboard
CharUpperBuffW
wsprintfA
VkKeyScanExA
EnableMenuItem

comctl32

InitCommonControlsEx

wininet

GopherOpenFileA
RetrieveUrlCacheEntryStreamW
FindNextUrlCacheEntryW
IncrementUrlCacheHeaderData
FindFirstUrlCacheGroup
InternetTimeToSystemTimeW
GetUrlCacheConfigInfoA
FindNextUrlCacheGroup
FtpPutFileEx

Sections

.text
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59cb44d336bda79b93ef8a046e35aeee

Headers

File Characteristics

Imports

kernel32

shell32

user32

comctl32

wininet

Sections

.text Size: 288KB - Virtual size: 288KB

.rdata Size: 10KB - Virtual size: 20KB

.data Size: 323KB - Virtual size: 322KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 288KB - Virtual size: 288KB

.rdata
Size: 10KB - Virtual size: 20KB

.data
Size: 323KB - Virtual size: 322KB

.rsrc
Size: 6KB - Virtual size: 5KB