02dbb36bc1d41e5bcaace4d99a687fa5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02dbb36bc1d41e5bcaace4d99a687fa5_JaffaCakes118
Size

323KB
MD5

02dbb36bc1d41e5bcaace4d99a687fa5
SHA1

3b5419fbe4f8bc4bbcff78ce1f925e5ac998eb7b
SHA256

06b1c4042541f9f3978a403c85768a68187197fa4b095fab738881fe46e64f85
SHA512

675fd95e6de0f6fbd8763610e69dd79490cc1880a9cd7d9a180bf1054bec5c77f6ef638c65eebdbee74e65eab15b79b02bf7dd48893bd31325645fc125ee524e
SSDEEP

6144:k846k6IrN1vwNMyE1giqncu4eNcksfi99ytTbLpcMZkjioO/t3gTLgI:x3k6IrTvwNq1giqcu44cksSyVLlGCW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02dbb36bc1d41e5bcaace4d99a687fa5_JaffaCakes118

Files

02dbb36bc1d41e5bcaace4d99a687fa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05e8212f9b019156a4c1da7ac1a44b89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetDialW
DeleteUrlCacheEntryA
FindNextUrlCacheGroup
SetUrlCacheConfigInfoW
InternetFindNextFileA
InternetTimeFromSystemTimeW
InternetReadFileExW

comdlg32

ChooseFontW
LoadAlterBitmap
PageSetupDlgW
ReplaceTextW
FindTextA
ChooseColorW
PrintDlgW
GetFileTitleW
ReplaceTextA

user32

CopyAcceleratorTableA
DdeGetData
DestroyAcceleratorTable
GetWindowModuleFileNameA
SetRect
CharLowerW
SetWindowsHookA
DrawTextA
ReleaseCapture
RegisterClassExW

advapi32

CryptDecrypt
CryptReleaseContext
ReportEventA
CryptEnumProvidersA
RegEnumValueA
RegSetValueExW
RegSetValueA
DuplicateTokenEx
RegEnumKeyExW
RegCreateKeyA
RegDeleteKeyW
RegCloseKey
CryptEnumProviderTypesA
InitiateSystemShutdownW
RegLoadKeyW
RegQueryInfoKeyW
AbortSystemShutdownA

kernel32

FreeEnvironmentStringsA
TerminateProcess
EnumSystemLocalesA
RtlUnwind
DeleteCriticalSection
IsValidLocale
CompareStringA
HeapCreate
LoadLibraryA
GetStartupInfoA
GetStringTypeW
SetHandleCount
LCMapStringW
SetLastError
TlsGetValue
TlsFree
HeapValidate
LeaveCriticalSection
GetTimeZoneInformation
HeapReAlloc
ExitProcess
GetCommandLineA
DebugBreak
GetCurrentProcessId
GetThreadSelectorEntry
GetModuleFileNameA
InterlockedIncrement
IsBadReadPtr
QueryPerformanceCounter
FlushFileBuffers
GetCPInfo
WideCharToMultiByte
SetFilePointer
GetCurrentThreadId
GetProcAddress
GetStdHandle
GetVersionExA
VirtualProtect
GetCurrentThread
GetLastError
TlsSetValue
GetTickCount
GetSystemInfo
GetACP
EnterCriticalSection
GetEnvironmentStringsW
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
WriteFile
GetLocaleInfoA
OutputDebugStringA
SetEnvironmentVariableA
TlsAlloc
SetConsoleCtrlHandler
VirtualAlloc
GetUserDefaultLCID
CloseHandle
GetCurrentProcess
GetDateFormatA
HeapAlloc
InterlockedExchange
SetStdHandle
LCMapStringA
VirtualFree
GetSystemTimeAsFileTime
HeapFree
IsBadWritePtr
GetOEMCP
GetStringTypeA
GetFileType
GetTimeFormatA
VirtualQuery
GetEnvironmentStrings
IsValidCodePage
HeapDestroy
FreeEnvironmentStringsW
UnhandledExceptionFilter
CompareStringW
InitializeCriticalSection
GetLocaleInfoW

shell32

SheGetDirA
SHChangeNotify
SHUpdateRecycleBinIcon
FindExecutableW
DragQueryPoint

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05e8212f9b019156a4c1da7ac1a44b89

Headers

File Characteristics

Imports

wininet

comdlg32

user32

advapi32

kernel32

shell32

Sections

.text Size: 168KB - Virtual size: 167KB

.data Size: 144KB - Virtual size: 144KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 168KB - Virtual size: 167KB

.data
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 10KB - Virtual size: 9KB