f6cf38bc6c92cc66fa5b0e0ec7275869_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f6cf38bc6c92cc66fa5b0e0ec7275869_JaffaCakes118
Size

491KB
MD5

f6cf38bc6c92cc66fa5b0e0ec7275869
SHA1

43f8c91fe6d0ec4e1c87f33d36ea8520d12145dd
SHA256

4625e3406ae8797524b3a6b152d119768488c843ec39455d07ef16d1eb3ccd90
SHA512

35dab0492a09c9ec19d194cf89eb5b9a5c3eb8373580215d264406717dea28299a71cd501fc9512d3265d572cadc180ad567aadde016760e72eaf11e4f728dc0
SSDEEP

12288:gHSM8l8mY+FJSXIs1oawz++i9SeMAuVMzHyB4L5WQb:gyM8lOeaImwz+H9XLzSB4LE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6cf38bc6c92cc66fa5b0e0ec7275869_JaffaCakes118

Files

f6cf38bc6c92cc66fa5b0e0ec7275869_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58fe9ea932efcb8b9e4f8bf2f1358324

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\t

Imports

kernel32

RtlUnwind
CompareStringA
EnumCalendarInfoExA
InitializeCriticalSection
VirtualAlloc
SetLastError
GetSystemTimeAsFileTime
CreateEventA
HeapAlloc
GetTickCount
OpenMutexA
OpenWaitableTimerW
FreeEnvironmentStringsW
WriteFile
LCMapStringA
TerminateProcess
GetCPInfo
ConnectNamedPipe
VirtualProtect
EnumResourceNamesW
GetLastError
HeapFree
SetHandleCount
IsValidCodePage
VirtualQuery
TlsFree
SetVolumeLabelA
GetCurrentThreadId
IsBadWritePtr
GetStringTypeA
GetCurrentProcess
GetCurrentThread
SetFilePointer
EnumDateFormatsExW
FindFirstFileA
GetStdHandle
HeapDestroy
InterlockedExchangeAdd
ExitProcess
IsValidLocale
GlobalDeleteAtom
TlsAlloc
GetCommandLineA
EnterCriticalSection
GetVersionExA
LoadLibraryA
WideCharToMultiByte
GetDateFormatA
GetLocaleInfoA
SetStdHandle
GetModuleFileNameA
GetUserDefaultLCID
QueryPerformanceCounter
MultiByteToWideChar
CreateMutexA
GetStringTypeW
GetProfileStringA
WriteConsoleOutputCharacterW
GetSystemInfo
lstrcmpA
DeleteCriticalSection
GetFileType
GetProcAddress
GetStartupInfoW
OutputDebugStringA
HeapSize
TlsGetValue
GetTimeZoneInformation
GetStartupInfoA
GetOEMCP
GetEnvironmentStringsW
VirtualFree
FreeEnvironmentStringsA
WaitForMultipleObjects
CompareStringW
FlushFileBuffers
GetModuleFileNameW
EnumSystemLocalesA
GetACP
GetEnvironmentStrings
LocalCompact
ReadFile
GetPrivateProfileSectionNamesW
GetLocaleInfoW
InterlockedDecrement
GetModuleHandleA
ReadConsoleOutputAttribute
SetEnvironmentVariableA
HeapCreate
TlsSetValue
HeapReAlloc
GetTimeFormatA
CloseHandle
GetCommandLineW
GetCurrentProcessId
LeaveCriticalSection
LCMapStringW
UnhandledExceptionFilter
InterlockedExchange

comdlg32

ChooseColorW
PrintDlgW
ReplaceTextW
GetOpenFileNameW

wininet

HttpSendRequestW
DetectAutoProxyUrl
InternetCanonicalizeUrlA
InternetConfirmZoneCrossingW
HttpSendRequestExW
FindNextUrlCacheEntryExA
FtpRenameFileW

user32

DrawCaption
CallMsgFilterW
DrawTextW
RegisterClassA
HideCaret
GetMenuDefaultItem
GetPriorityClipboardFormat
RegisterClassExA
SetWindowLongW
SetMessageExtraInfo
CreateMenu
CreatePopupMenu
SetClipboardViewer
SetWindowsHookA
GetDlgItemInt

comctl32

InitCommonControlsEx

Sections

.text
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58fe9ea932efcb8b9e4f8bf2f1358324

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

wininet

user32

comctl32

Sections

.text Size: 346KB - Virtual size: 345KB

.rdata Size: 26KB - Virtual size: 34KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 346KB - Virtual size: 345KB

.rdata
Size: 26KB - Virtual size: 34KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 15KB - Virtual size: 15KB