Static task: static1
Behavioral task: behavioral1
Sample: 0a00af34d8c66a559e5ae5f9430aa794_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 0a00af34d8c66a559e5ae5f9430aa794_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0a00af34d8c66a559e5ae5f9430aa794_JaffaCakes118
Size: 275KB
MD5: 0a00af34d8c66a559e5ae5f9430aa794
SHA1: 201c981d0cbe843afbcc696f4e08689459ee9ff0
SHA256: 19d6e4fa9ea38f0ce8efb4fe2e15c3044c15af75822b13775513b442a617e54c
SHA512: 5231137d9778d5c0370ef47f6d6249dab52984838a3a5010fc4d3e1a3164a6002ac9d5e7077a8435fe9c67a60a9688835cad69579599d2c9e51910768edf0e20
SSDEEP: 6144:5WndHZ3FPD6WcdsucQG8oIvCwFfOrvap1ClmWeMst7dK3:4Lp6pfFRt/7d
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0a00af34d8c66a559e5ae5f9430aa794_JaffaCakes118
Files
0a00af34d8c66a559e5ae5f9430aa794_JaffaCakes118.exe windows:4 windows x86 arch:x86
bf00d42d298e9c41d73bee34dcdb9bd3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnterCriticalSection
GetTimeFormatA
ResumeThread
SetSystemTime
GetLocaleInfoW
CreateRemoteThread
HeapAlloc
LoadLibraryA
TlsGetValue
MultiByteToWideChar
VirtualFree
GetProfileSectionA
TlsAlloc
FreeEnvironmentStringsW
Sleep
TlsFree
EnumSystemLocalesA
GetStartupInfoA
GetStdHandle
ReadConsoleOutputW
SetLastError
GetCommandLineA
GetStringTypeW
GetCurrentThread
GetExitCodeProcess
HeapDestroy
UnhandledExceptionFilter
GetOEMCP
GetProcAddress
FindNextChangeNotification
GetModuleHandleW
HeapFree
GetUserDefaultLCID
GetCPInfo
GetThreadContext
HeapSize
VirtualQuery
LeaveCriticalSection
WriteFile
SetEnvironmentVariableA
FreeEnvironmentStringsA
InterlockedDecrement
TlsSetValue
GetLocaleInfoA
HeapReAlloc
LCMapStringW
ExitProcess
GetStringTypeA
WriteConsoleOutputCharacterA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidCodePage
GetModuleHandleA
GetEnvironmentStringsW
InterlockedIncrement
IsDebuggerPresent
GetCurrentThreadId
SetHandleCount
WideCharToMultiByte
GetACP
GetFileType
GetCurrentProcessId
GetModuleFileNameA
IsValidLocale
FreeLibrary
GetDriveTypeW
GetTickCount
HeapCreate
DeleteCriticalSection
GetEnvironmentStrings
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
RtlUnwind
GetDateFormatA
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringA
CompareStringW
CompareStringA
GetLastError
MoveFileA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
wininet
FindNextUrlCacheContainerW
FtpOpenFileW
InternetTimeFromSystemTime
InternetUnlockRequestFile
InternetCrackUrlA
FtpPutFileA
GetUrlCacheGroupAttributeA
InternetCloseHandle
InternetFortezzaCommand
InternetShowSecurityInfoByURLA
CreateUrlCacheContainerA
InternetWriteFileExW
IncrementUrlCacheHeaderData
RegisterUrlCacheNotification
InternetCheckConnectionA
comdlg32
ChooseFontW
user32
CharNextA
GetKeyboardLayoutList
SetCursorPos
SetThreadDesktop
SetWindowTextW
IsMenu
IsCharUpperW
GetPriorityClipboardFormat
GetDlgItemTextA
GetNextDlgGroupItem
BeginDeferWindowPos
MoveWindow
SetMenuInfo
EditWndProc
GetClipboardOwner
Sections
.text Size: 150KB - Virtual size: 150KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ