efc566599eb30be444a82e5d4be07b3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

efc566599eb30be444a82e5d4be07b3c_JaffaCakes118
Size

511KB
MD5

efc566599eb30be444a82e5d4be07b3c
SHA1

937db6584b932e0611fef3329473822cdb5aa879
SHA256

1668832e563be83f3676e31e687fa736527fc6bf062566541ab4eb016fd56d2c
SHA512

0de2318d4fcaba0e274e53fbae3f386921f9e635594a45012f22b674abbef684c46a0db6f5639a773e6e674f2f9d446ddd5c90aa32e6248f3409b041bca1db61
SSDEEP

12288:al1tlpEPBoUIBPR66tg4K5ZGwOx3FAZeG:41tlpsBoUkPR6eWGw+3K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efc566599eb30be444a82e5d4be07b3c_JaffaCakes118

Files

efc566599eb30be444a82e5d4be07b3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d3ff8bc851fa84ea5ad52917d061bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
FindTextW

kernel32

ReadFile
GetDiskFreeSpaceA
GetModuleHandleA
CompareStringA
VirtualQuery
TlsSetValue
LCMapStringW
HeapReAlloc
CreateMailslotW
GetStdHandle
TlsAlloc
GetConsoleCP
GetStartupInfoA
GetLocaleInfoW
GetACP
GetConsoleOutputCP
WriteConsoleW
GetCurrentProcess
IsValidCodePage
HeapCreate
GetCurrentThreadId
GetFileType
CreateFileA
GetProcAddress
IsDebuggerPresent
DeleteCriticalSection
Sleep
HeapAlloc
GetModuleFileNameA
CreateProcessA
HeapFree
GetThreadTimes
WideCharToMultiByte
GetStringTypeA
GetLocaleInfoA
InterlockedIncrement
GetFullPathNameW
TlsGetValue
GetThreadPriorityBoost
SetUnhandledExceptionFilter
LoadLibraryA
MultiByteToWideChar
GetEnvironmentStrings
GetUserDefaultLCID
EnumResourceNamesA
CreateMutexA
GetOEMCP
SetFilePointer
RtlUnwind
LockFileEx
GetVersionExA
GetFileSize
GetCurrentProcessId
FlushFileBuffers
CloseHandle
GetProcessHeap
LeaveCriticalSection
CompareStringW
WriteConsoleA
VirtualFree
HeapSize
GetCPInfo
SetConsoleTitleA
EnumSystemLocalesA
GetConsoleMode
WriteFile
GetTimeFormatA
ExitProcess
GetEnvironmentStringsW
EnumCalendarInfoA
GetSystemTimeAsFileTime
FreeLibrary
LCMapStringA
GetThreadSelectorEntry
GetProcAddress
FreeEnvironmentStringsA
GetTickCount
GetDateFormatA
GetStringTypeW
SetHandleCount
GetCurrentThread
TerminateProcess
GetPrivateProfileStringA
InterlockedExchange
GetTimeZoneInformation
InitializeCriticalSection
TlsFree
GetFileAttributesA
SetEnvironmentVariableA
VirtualAlloc
GetLastError
OpenMutexA
CreateFileW
FreeEnvironmentStringsW
HeapDestroy
HeapLock
SetLastError
QueryPerformanceCounter
EnterCriticalSection
IsValidLocale
SetStdHandle
UnhandledExceptionFilter
GetProfileStringA
SetConsoleCtrlHandler
InterlockedDecrement
GetCommandLineA
LocalSize

user32

SetProcessWindowStation
CheckDlgButton
DefMDIChildProcA
SetActiveWindow
RegisterClassA
SetClassLongW
RegisterClassExA
GetGUIThreadInfo
LoadMenuW
LoadImageA
FreeDDElParam
ScrollWindowEx
EnumChildWindows
GetScrollInfo
GetMenuDefaultItem

comctl32

InitCommonControlsEx

wininet

HttpSendRequestA
InternetConfirmZoneCrossing
InternetDial
InternetDialA
IncrementUrlCacheHeaderData
InternetAttemptConnect
HttpAddRequestHeadersA
RetrieveUrlCacheEntryStreamA
GetUrlCacheGroupAttributeW

gdi32

PlayMetaFile
PtVisible
GetTextExtentPoint32W
SetBrushOrgEx

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31d3ff8bc851fa84ea5ad52917d061bd

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

comctl32

wininet

gdi32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 10KB - Virtual size: 17KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 10KB - Virtual size: 17KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 13KB - Virtual size: 13KB