0f19091d8e7bc57a188adbb3e1ebba14_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f19091d8e7bc57a188adbb3e1ebba14_JaffaCakes118
Size

219KB
MD5

0f19091d8e7bc57a188adbb3e1ebba14
SHA1

7d45df3458ac769db8ef9f14b91c5e6d970a290c
SHA256

0245a665d7df2b735be24cf39b14a1a909d8643595ccd3419335d8c093b2dff4
SHA512

64558fe9f3aed2c754a1641f02b3d66ab811590dba3787995e8f7a8cfdcad14935120a531b17e22b86c7e945f60b8b4760dda8327f10f77dd4fcb367ba04fe61
SSDEEP

6144:rXc60c2YMZHYdeELC8tZp1j4P9o6SkaoO:beF4de6tZp1j4PC6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f19091d8e7bc57a188adbb3e1ebba14_JaffaCakes118

Files

0f19091d8e7bc57a188adbb3e1ebba14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3245a1aef6697cb9968c31243930af18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetVersion
CreateMailslotW
GetWindowsDirectoryW
GetLastError
CreateFileMappingA
HeapAlloc
LoadLibraryA
GetPrivateProfileSectionNamesW
TlsSetValue
DuplicateHandle
EnumSystemCodePagesW
GlobalAddAtomA
FindAtomA
InterlockedExchange
TlsAlloc
IsDebuggerPresent
GetStdHandle
GetStringTypeA
ReadConsoleOutputA
GetCPInfo
FreeEnvironmentStringsW
GetStringTypeW
GetACP
OutputDebugStringW
InitializeCriticalSection
GetEnvironmentStringsW
GetStartupInfoA
GetProcAddress
GetEnvironmentStringsA
GetOEMCP
HeapFree
GetDriveTypeA
FreeEnvironmentStringsA
GetDiskFreeSpaceW
IsBadWritePtr
VirtualQuery
TlsGetValue
LCMapStringA
VirtualFree
GetConsoleScreenBufferInfo
LCMapStringW
GetPrivateProfileStringW
GetFileType
HeapReAlloc
TlsFree
ExitProcess
GetTempFileNameW
CommConfigDialogA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetHandleCount
GetModuleHandleA
GetCurrentThread
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
WideCharToMultiByte
HeapCreate
EnterCriticalSection
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
SetLastError
DeleteCriticalSection
WriteFile
GetTickCount
HeapDestroy
IsValidLocale
GetCommandLineA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
RtlUnwind

wininet

InternetShowSecurityInfoByURLA
InternetReadFile
HttpAddRequestHeadersA
InternetCheckConnectionA
CreateUrlCacheGroup
InternetGetLastResponseInfoA
FtpDeleteFileA
GopherFindFirstFileA
InternetReadFileExA
FtpSetCurrentDirectoryW
GopherCreateLocatorW
FindNextUrlCacheEntryExA
InternetGoOnline

shell32

ExtractAssociatedIconExA
SHGetSpecialFolderPathW
SHEmptyRecycleBinA
SHGetSpecialFolderLocation
SHUpdateRecycleBinIcon
SHAppBarMessage
DragQueryPoint
SHLoadInProc
RealShellExecuteA
InternalExtractIconListW
SHEmptyRecycleBinW
ShellExecuteExA
SHBrowseForFolderA
SHQueryRecycleBinW

gdi32

GetEnhMetaFileW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3245a1aef6697cb9968c31243930af18

Headers

File Characteristics

Imports

kernel32

wininet

shell32

gdi32

Sections

.text Size: 106KB - Virtual size: 105KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 106KB - Virtual size: 105KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 6KB - Virtual size: 5KB