0783e86cfaaa5b46770e460bb5836115_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0783e86cfaaa5b46770e460bb5836115_JaffaCakes118
Size

230KB
MD5

0783e86cfaaa5b46770e460bb5836115
SHA1

b9300b76bfeb25ff4be685945f4f5fc3fd5d1b38
SHA256

fbea892e1fbeb1bfbb26a6526f18d34d36a086599d165f660ec2699260456b3b
SHA512

aaf71e88d9c587409bfd6e70b15c15e8521364602abfca2b9ac2e9b24d7cd364fa9800f3412349bd228dd6fc67755be851f2c69cd5aa28d1e066f454ae315026
SSDEEP

6144:w/hjJERLYraNRkG+4TCCjcx9XEoqxABlGLRlwrlL/cOqOLEYnY/:KDaNz+4TCCjU9UoIABELscOd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0783e86cfaaa5b46770e460bb5836115_JaffaCakes118

Files

0783e86cfaaa5b46770e460bb5836115_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f8a7914e4a46c940d4b8cd2cf3eaa47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GlobalFree
UnhandledExceptionFilter
WriteProfileStringA
RtlUnwind
InitializeCriticalSection
VirtualLock
GetCurrentProcess
GetStringTypeA
VirtualAlloc
WriteFile
TlsGetValue
HeapReAlloc
GetLastError
OpenWaitableTimerA
GetFileType
FreeEnvironmentStringsA
WideCharToMultiByte
GetModuleFileNameA
GetACP
HeapDestroy
ExitProcess
GetCurrentThread
HeapCreate
LCMapStringW
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeW
EnterCriticalSection
SetHandleCount
QueryPerformanceCounter
GlobalLock
TlsAlloc
SetConsoleMode
VirtualQuery
GetCurrentThreadId
DeleteCriticalSection
HeapAlloc
GetStartupInfoA
HeapFree
LoadModule
TerminateProcess
GetCurrentProcessId
EnumDateFormatsA
IsBadWritePtr
GetVersion
ReadConsoleOutputW
MultiByteToWideChar
CreateFileMappingA
GetEnvironmentStrings
LCMapStringA
FreeEnvironmentStringsW
TlsFree
VirtualFree
GetCalendarInfoW
WriteFileEx
GetModuleHandleA
DeleteFileW
GetCommandLineA
LockFile
MoveFileExA
GetStdHandle
FindNextFileW
GlobalGetAtomNameA
SetConsoleTitleW
LeaveCriticalSection
GetProcAddress
GetEnvironmentStringsW
GetOEMCP
GetThreadContext
TlsSetValue
InterlockedExchange
SetLastError

comdlg32

GetSaveFileNameA
ReplaceTextA
PageSetupDlgW
GetFileTitleW
PrintDlgA
PageSetupDlgA
ChooseColorW
FindTextW
ChooseFontA
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW
FindTextA
ChooseColorA
ReplaceTextW
LoadAlterBitmap
ChooseFontW

wininet

FindNextUrlCacheGroup
FtpPutFileW
InternetFortezzaCommand
InternetGetLastResponseInfoW
HttpSendRequestExW
FtpCommandW
IsUrlCacheEntryExpiredW
InternetTimeFromSystemTimeW
FtpGetCurrentDirectoryW
GopherGetAttributeW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f8a7914e4a46c940d4b8cd2cf3eaa47

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

Sections

.text Size: 107KB - Virtual size: 106KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 107KB - Virtual size: 106KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 16KB - Virtual size: 16KB