083d8307a295286c0b31d97975207777_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

083d8307a295286c0b31d97975207777_JaffaCakes118
Size

425KB
MD5

083d8307a295286c0b31d97975207777
SHA1

1593f99d8ba0f96a373dec1a790bccca2668b092
SHA256

1a370eebc4f65eae4fec0cfce549268be85d817ca5f022aa63db637d807036a9
SHA512

bbd8da7be822adbb0576b623c7a367dd26781c10b2192bdc1f2a206f4afb3a0065176fb4c43b3106209734d80ab1f80844f8b46e82a2e336cf38a817ae28dd97
SSDEEP

12288:qUgA2uwqlH76JDzMZsMihgl/jMw1tBjmgXW2QhG5+X4fA+LOBRTf2:XgiNweTi3GtVhBAGhYz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
083d8307a295286c0b31d97975207777_JaffaCakes118

Files

083d8307a295286c0b31d97975207777_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8980b2c3c9659dad5aa48276260ae80d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA

wininet

UpdateUrlCacheContentPath
InternetConnectA
InternetQueryOptionA
InternetOpenW
InternetShowSecurityInfoByURLA
FtpSetCurrentDirectoryA
GetUrlCacheEntryInfoA
HttpQueryInfoW
InternetTimeToSystemTimeW
GetUrlCacheConfigInfoA
HttpSendRequestExA
FindNextUrlCacheEntryA
InternetQueryOptionW
FtpGetFileW
FindNextUrlCacheEntryW
FtpGetCurrentDirectoryW

user32

LoadBitmapW
GetTabbedTextExtentA
UnionRect
PostMessageW
DefDlgProcW
GetClientRect

advapi32

CryptAcquireContextW
CryptVerifySignatureA
CryptImportKey
CryptGenKey
LogonUserA
RegFlushKey
RegQueryMultipleValuesW
RegSetValueA
RegSaveKeyA
RegRestoreKeyW
GetUserNameW
RegDeleteKeyW
RegLoadKeyA
CryptGetDefaultProviderA
RegConnectRegistryA
RegEnumKeyExA
CryptHashData
LookupAccountNameA

kernel32

GetVersionExA
RtlMoveMemory
CompareStringA
VirtualAlloc
InitializeCriticalSection
GetConsoleCP
GetModuleFileNameA
FreeEnvironmentStringsW
GetOEMCP
GetTimeFormatA
LoadLibraryA
OutputDebugStringW
TerminateProcess
GetACP
IsValidLocale
GetCommandLineA
RtlUnwind
FlushFileBuffers
TlsSetValue
HeapReAlloc
LoadLibraryW
GetSystemTimeAsFileTime
GetModuleHandleA
SetEnvironmentVariableA
GetStartupInfoA
TlsAlloc
ExitProcess
DeleteCriticalSection
SetConsoleCtrlHandler
RaiseException
OutputDebugStringA
SetLastError
SetLocalTime
GetConsoleOutputCP
VirtualQuery
UnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
SetUnhandledExceptionFilter
WriteConsoleA
WriteConsoleW
lstrlenA
LCMapStringW
CloseHandle
GetEnvironmentStringsW
TlsGetValue
GetDateFormatA
EnumSystemLocalesA
InterlockedExchange
GetUserDefaultLCID
SetFilePointer
IsDebuggerPresent
GetProcAddress
FreeEnvironmentStringsA
FreeLibrary
QueryPerformanceCounter
GetProcessHeap
HeapAlloc
LeaveCriticalSection
SetHandleCount
IsValidCodePage
GetLocaleInfoW
TlsFree
HeapCreate
GetTickCount
GetConsoleMode
GetCPInfo
WideCharToMultiByte
WriteFile
GetFileType
MultiByteToWideChar
GetStdHandle
InterlockedIncrement
GetLocaleInfoA
GetModuleFileNameW
DebugBreak
CreateFileA
GetLastError
GetEnvironmentStrings
HeapDestroy
GetCurrentProcessId
SetStdHandle
VirtualFree
EnterCriticalSection
GetCurrentProcess
GetCurrentThread
LCMapStringA
CompareStringW
InterlockedDecrement
HeapFree
GetCurrentThreadId
GetStringTypeA
GetStringTypeW
HeapValidate

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8980b2c3c9659dad5aa48276260ae80d

Headers

File Characteristics

Imports

comdlg32

wininet

user32

advapi32

kernel32

Sections

.text Size: 244KB - Virtual size: 243KB

.data Size: 176KB - Virtual size: 184KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 244KB - Virtual size: 243KB

.data
Size: 176KB - Virtual size: 184KB

.rsrc
Size: 4KB - Virtual size: 3KB