Static task: static1
Behavioral task: behavioral1
Sample: 04e9353074a50836f129e23c0b5193cc_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 04e9353074a50836f129e23c0b5193cc_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 04e9353074a50836f129e23c0b5193cc_JaffaCakes118
Size: 266KB
MD5: 04e9353074a50836f129e23c0b5193cc
SHA1: a4424535dfb84bc7880b6eff4c81ef81789fac4c
SHA256: d7b0bbc822623997e961c65e19416effa80daa2d3bd3dc1f984b701df7e8d86c
SHA512: 2d4c177c736559d03b721deb319f7bbd339ae386ff7a4d5af92b0880f5b5648f7abb4b000718cd78a17e8550c05975bda33c9e40cb890bb5c9477b13c49fb061
SSDEEP: 3072:23DT8LVabEQxxVS8nZpy8/DFP37mDZoTaIMy/+TzQadWb3OHCnED+KR+F6e2uAWp:EH85ab1bI8/5P3QExi+mEaWtFEhppn9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 04e9353074a50836f129e23c0b5193cc_JaffaCakes118
Files
04e9353074a50836f129e23c0b5193cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
5690aa47e969bf7f3471099b1c33809f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GdiSetBatchLimit
IntersectClipRect
CreatePatternBrush
GetWinMetaFileBits
CreatePalette
SetMetaRgn
GetSystemPaletteEntries
SetWindowOrgEx
EnumEnhMetaFile
SetICMMode
GetRegionData
PolyTextOutA
SetDIBColorTable
ExtEscape
SetROP2
PlayEnhMetaFileRecord
GetLogColorSpaceW
ExtFloodFill
RemoveFontResourceW
GetStretchBltMode
user32
EnumWindowStationsW
GetCaretPos
SetRect
GetKeyboardLayoutList
PaintDesktop
IsWindowVisible
RemovePropW
GetMessageTime
GetClipboardFormatNameA
CharToOemBuffA
GetDC
DdeUnaccessData
UnregisterDeviceNotification
IsCharAlphaW
SetUserObjectSecurity
GetMenu
GetOpenClipboardWindow
SetFocus
SetClassLongA
GetWindowPlacement
CreateIconFromResourceEx
SetMessageQueue
EndDialog
SetThreadDesktop
comdlg32
GetFileTitleW
ReplaceTextA
ChooseColorW
PrintDlgA
ReplaceTextW
ChooseColorA
GetSaveFileNameW
PageSetupDlgA
ChooseFontW
PageSetupDlgW
wininet
ShowCertificate
HttpCheckDavCompliance
FtpRemoveDirectoryA
InternetShowSecurityInfoByURLA
UnlockUrlCacheEntryStream
kernel32
MultiByteToWideChar
SetEnvironmentVariableA
GetTimeZoneInformation
LeaveCriticalSection
CompareStringA
WideCharToMultiByte
IsValidLocale
GetModuleHandleA
GetCurrentThreadId
GetProcessHeap
GetCurrentProcessId
DeleteCriticalSection
LCMapStringW
TlsFree
GetLastError
EnumSystemLocalesA
WriteFile
GetProcAddress
GetLocaleInfoW
GetCurrentProcess
HeapSize
GetUserDefaultLCID
Sleep
OpenSemaphoreA
GetFileType
LCMapStringA
GetDateFormatA
InterlockedIncrement
TerminateProcess
InitializeCriticalSection
EnumResourceNamesA
SetLastError
GetSystemTimeAsFileTime
SetHandleCount
GetTickCount
GetEnvironmentStringsW
GetTimeFormatA
SuspendThread
FreeEnvironmentStringsW
FreeLibrary
IsDebuggerPresent
EnterCriticalSection
HeapReAlloc
VirtualFree
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
TlsAlloc
CompareStringW
GetCPInfo
LoadLibraryA
QueryPerformanceCounter
UnhandledExceptionFilter
GetStdHandle
GetStartupInfoA
GetEnvironmentStrings
WritePrivateProfileSectionW
HeapDestroy
HeapCreate
GetOEMCP
FreeEnvironmentStringsA
GetFullPathNameA
GetCurrentThread
ExitProcess
InterlockedDecrement
IsValidCodePage
VirtualQuery
HeapAlloc
GetACP
VirtualAlloc
InterlockedExchange
HeapFree
GetVersionExA
MapViewOfFileEx
UnlockFile
GetModuleFileNameA
RtlUnwind
TlsSetValue
GetCommandLineA
TlsGetValue
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ