0b5d8bdd39ee4a81411678e7a8af26e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b5d8bdd39ee4a81411678e7a8af26e3_JaffaCakes118
Size

429KB
MD5

0b5d8bdd39ee4a81411678e7a8af26e3
SHA1

7c2eb53e458da2131797e1eface5af45eb243427
SHA256

c928636d97275d77a13334e6ac4caa5814132d10b5144c43b97d5b39e192e587
SHA512

b5b65b7522805997bae6f8aa6185ba4873386c11e4e86230d95f4e59d1f710840934f6e9243aa8bdfe5741743958119058483c8e3ed383ddedf4f39e16b85996
SSDEEP

12288:Cd/vrkW5095au/lQRGOpixlcEAxwynHa:c/zkq0XDOpXEAxhH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5d8bdd39ee4a81411678e7a8af26e3_JaffaCakes118

Files

0b5d8bdd39ee4a81411678e7a8af26e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1064df9eb703dc032f4e52c1e3965803

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateEllipticRgnIndirect
DeleteColorSpace
FlattenPath
EndPage
FixBrushOrgEx
AddFontResourceW
CreateBrushIndirect

shell32

SHGetPathFromIDList
ExtractIconW
RealShellExecuteA
SheChangeDirA
SHEmptyRecycleBinA
SHBrowseForFolder
DragFinish
SHFileOperationW
RealShellExecuteExW

wininet

InternetGetCertByURLA
InternetErrorDlg
DeleteUrlCacheContainerW
RunOnceUrlCache
InternetSetCookieA
GetUrlCacheEntryInfoExW
FtpCommandA
HttpSendRequestW
InternetReadFile
InternetCloseHandle
FindFirstUrlCacheEntryExA
GetUrlCacheHeaderData
CreateUrlCacheContainerA
InternetTimeFromSystemTimeA
SetUrlCacheHeaderData
InternetCrackUrlA
InternetAlgIdToStringW

user32

BroadcastSystemMessageW

kernel32

GetSystemInfo
GetVersionExA
SetEnvironmentVariableA
QueryPerformanceCounter
GetLogicalDrives
RtlUnwind
FreeEnvironmentStringsW
TlsFree
EnumCalendarInfoW
GetStringTypeExW
WaitForSingleObjectEx
GetStartupInfoA
GetProcAddress
CreateFileW
GetCurrentThread
DeleteCriticalSection
CreateNamedPipeA
HeapReAlloc
GetAtomNameA
WideCharToMultiByte
SetThreadAffinityMask
VirtualProtect
TlsAlloc
EnterCriticalSection
IsValidLocale
InterlockedExchange
GetEnvironmentStringsW
HeapAlloc
CreateProcessW
TlsSetValue
GetCurrentThreadId
GetDateFormatA
GetLocaleInfoA
GetUserDefaultLCID
GetACP
LCMapStringW
TerminateProcess
MultiByteToWideChar
FreeEnvironmentStringsA
TransactNamedPipe
WriteFile
LeaveCriticalSection
GlobalReAlloc
IsBadWritePtr
TransmitCommChar
HeapFree
GetCPInfo
GetSystemTimeAsFileTime
LoadLibraryA
SetHandleCount
GetStdHandle
HeapDestroy
GetWindowsDirectoryA
EnumCalendarInfoExA
GetStringTypeW
GetStringTypeA
GetTimeFormatA
GetCurrentProcessId
VirtualFree
GetTickCount
HeapSize
LCMapStringA
GetCurrentProcess
SetLastError
UnhandledExceptionFilter
SetEnvironmentVariableW
VirtualQuery
EnumSystemLocalesA
InitializeCriticalSection
GetEnvironmentStrings
GetLocaleInfoW
ExitProcess
GetFileType
DuplicateHandle
HeapCreate
IsValidCodePage
GetModuleFileNameA
CompareStringW
VirtualAlloc
GetOEMCP
GetTimeZoneInformation
CompareStringA
GetModuleHandleA
TlsGetValue
GetCommandLineA
GetLastError

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1064df9eb703dc032f4e52c1e3965803

Headers

File Characteristics

Imports

gdi32

shell32

wininet

user32

kernel32

Sections

.text Size: 152KB - Virtual size: 151KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 152KB - Virtual size: 151KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 3KB - Virtual size: 3KB