Static task: static1
Behavioral task: behavioral1
Sample: 0762ccbf868c21b8d10b3f035a753b82_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0762ccbf868c21b8d10b3f035a753b82_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0762ccbf868c21b8d10b3f035a753b82_JaffaCakes118
Size: 81KB
MD5: 0762ccbf868c21b8d10b3f035a753b82
SHA1: 29b01de36e3b6b93b9bbb587e47fd7d5935129a3
SHA256: fb34f7f291150e51c908d293a8f5a8cec046a0dc8bdd14de2c8b0443077c3fb3
SHA512: 94d4ab2a32bc47e67d2178c4f3c28c54b81ad0fa4ac05f2b09724b96cfb6da6cac0c3c1b1813a52a684ea8e3bf57f007aa69083b72a1e0f775d0e2720dad20fa
SSDEEP: 1536:fxS9H1E19dJ/ULY8TKxc1AZjT+KmhChlfLr8c4NIIkW/aKv56G:ozafgKH+KmhChlfLr8c4NIFW/Lv56G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0762ccbf868c21b8d10b3f035a753b82_JaffaCakes118
Files
0762ccbf868c21b8d10b3f035a753b82_JaffaCakes118.exe windows:5 windows x86 arch:x86
ecbd9a968fa64e5ccc56c8520249365e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
SysAllocString
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
kernel32
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
lstrcpyA
GetTickCount
lstrlenA
MultiByteToWideChar
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteFileA
CreateProcessA
CloseHandle
WriteFile
CreateFileA
lstrcatA
GetEnvironmentVariableA
GetModuleFileNameA
CreateMutexA
ExitProcess
WideCharToMultiByte
lstrlenW
RaiseException
LocalFree
ReadFile
GetFileSize
HeapAlloc
GetProcessHeap
lstrcpynA
HeapFree
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
HeapSize
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
urlmon
URLDownloadToCacheFileA
wininet
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
HttpQueryInfoA
InternetReadFile
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry
FindCloseUrlCache
FindNextUrlCacheEntryA
user32
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
wsprintfA
wsprintfW
Sections
.text Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE