ffaa20da2ce7ca0775f5c1486bb84fef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffaa20da2ce7ca0775f5c1486bb84fef_JaffaCakes118
Size

227KB
MD5

ffaa20da2ce7ca0775f5c1486bb84fef
SHA1

eec09a41833448d21ba3fa4afd999084126600ad
SHA256

f18b00d2179590233fed14b839abdbfad34e523c4aefcf28b600e9f4e40b5bee
SHA512

06ef09e80cf939f0d36774731a31f647b2d9eef83927e53c0a79ddeee035de8ae07462f0da120eb520e2c65e32422fc2637cf192ae7ead9df9a990ba97151db0
SSDEEP

6144:VNjLkWyklz/LfzdnxlH4tjY26uxG5W95Pk4a0eWc:Vtki7z3l4tjYcKW7k70i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffaa20da2ce7ca0775f5c1486bb84fef_JaffaCakes118

Files

ffaa20da2ce7ca0775f5c1486bb84fef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dddb8bd1fe9a3ff5edd437ce405e116

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
LCMapStringA
CompareStringA
DeleteCriticalSection
HeapDestroy
GetACP
HeapAlloc
LoadLibraryA
GetDateFormatA
WideCharToMultiByte
EnterCriticalSection
GlobalHandle
FreeEnvironmentStringsW
GetLocaleInfoA
InterlockedExchange
UnhandledExceptionFilter
GetFileType
IsBadWritePtr
IsValidCodePage
EnumSystemLocalesA
GetStringTypeW
GetStdHandle
IsValidLocale
GetStringTypeA
HeapCreate
MultiByteToWideChar
GetUserDefaultLCID
InitializeCriticalSection
GetProcAddress
GetCommandLineA
HeapSize
HeapFree
CompareStringW
GetStartupInfoA
SetFileAttributesA
SetEnvironmentVariableA
VirtualQuery
VirtualProtect
SetHandleCount
WriteFile
GetLastError
SetLastError
GetCurrentThread
GetVersionExA
HeapReAlloc
VirtualFree
ExitProcess
GetCPInfo
FreeEnvironmentStringsA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
TlsGetValue
GetModuleHandleA
GetTimeFormatA
TlsAlloc
TlsFree
GetCurrentThreadId
RtlUnwind
LCMapStringW
GetOEMCP
GetTimeZoneInformation
GetCurrentProcessId
GetModuleFileNameA
TlsSetValue
GetLocaleInfoW
GlobalUnfix
GetTickCount
LeaveCriticalSection
GetEnvironmentStrings
GetSystemInfo
GetSystemTimeAsFileTime

shell32

SHFileOperationW

comdlg32

GetSaveFileNameA
GetFileTitleW
ReplaceTextA
ChooseColorW
GetFileTitleA
ChooseColorA
ReplaceTextW
PrintDlgW
ChooseFontW
FindTextA
PrintDlgA

wininet

InternetHangUp
UrlZonesDetach
InternetQueryOptionA
InternetUnlockRequestFile
InternetConfirmZoneCrossingW
FindFirstUrlCacheEntryExW
InternetGoOnline
IsUrlCacheEntryExpiredW
InternetCombineUrlW
InternetGetCertByURL
FindNextUrlCacheEntryA
InternetTimeToSystemTimeW
InternetDialA
UnlockUrlCacheEntryFileW
InternetTimeToSystemTime
InternetAttemptConnect
FtpOpenFileA
FtpPutFileEx
FindNextUrlCacheContainerW

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dddb8bd1fe9a3ff5edd437ce405e116

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

wininet

Sections

.text Size: 109KB - Virtual size: 108KB

.data Size: 109KB - Virtual size: 139KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 109KB - Virtual size: 108KB

.data
Size: 109KB - Virtual size: 139KB

.rsrc
Size: 8KB - Virtual size: 8KB