Static task
static1
Behavioral task
behavioral1
Sample
0fbf414135eeb191fa1100affdf55390_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0fbf414135eeb191fa1100affdf55390_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0fbf414135eeb191fa1100affdf55390_JaffaCakes118
Size
243KB
MD5
0fbf414135eeb191fa1100affdf55390
SHA1
b38c562b9f9402ab1ed0c0e6001e0324814cbaf1
SHA256
6a3851de579b82dde289b42f9f18d012172365c0dbf4d7f0b18668a3c2f034c3
SHA512
ea84fd52b5956576fb6ddc813814817ae242253677699f447f68966e31a0972bd29649fab9fe966383144876310a89a68d26aa10e035e42ea64b53033a2df4b9
SSDEEP
6144:hXRf8QL9Ds/WJLeHsCMgfxHrkp8s8O6tm9JW:hXBxdJqMgfxHwpY5tCW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0fbf414135eeb191fa1100affdf55390_JaffaCakes118
Files
0fbf414135eeb191fa1100affdf55390_JaffaCakes118.exe windows:4 windows x86 arch:x86
73c2e329dc9b2b260f79ce7cb693446b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DdeInitializeA
DrawMenuBar
shell32
SHGetFileInfoW
DoEnvironmentSubstA
SHBrowseForFolderW
ExtractIconW
DragQueryFileAorW
FindExecutableW
ShellExecuteEx
SHLoadInProc
RealShellExecuteA
CheckEscapesW
DragQueryFile
gdi32
CreateDCW
SetGraphicsMode
EndDoc
GetMetaFileBitsEx
CreateMetaFileW
GetDCOrgEx
MaskBlt
advapi32
CryptGetProvParam
InitializeSecurityDescriptor
CryptGetDefaultProviderA
RegOpenKeyW
CryptVerifySignatureA
RevertToSelf
CryptExportKey
kernel32
MultiByteToWideChar
SetEnvironmentVariableA
IsValidCodePage
LCMapStringW
VirtualFree
TlsFree
GetLastError
HeapSize
LeaveCriticalSection
GetModuleHandleA
GetTickCount
GetEnvironmentStrings
IsBadWritePtr
CompareStringW
GetVersionExA
GetProcAddress
GetTimeZoneInformation
GetFileType
GetProfileIntW
EnumSystemLocalesA
TlsAlloc
LoadLibraryA
GetStringTypeA
InitializeCriticalSection
HeapDestroy
GetCurrentThreadId
DeleteCriticalSection
TlsGetValue
GetCurrentProcessId
GetTempFileNameA
VirtualProtect
WideCharToMultiByte
GetEnvironmentStringsW
GetCurrentProcess
GetUserDefaultLCID
GetThreadSelectorEntry
RtlUnwind
GetDateFormatA
TerminateProcess
HeapAlloc
GetCPInfo
GetOEMCP
VirtualAlloc
FreeEnvironmentStringsW
GetStartupInfoA
CreateDirectoryA
UnhandledExceptionFilter
WriteFile
GetStringTypeW
GetACP
GetSystemInfo
GetLocaleInfoA
InterlockedExchange
HeapCreate
HeapReAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
TlsSetValue
VirtualQuery
SetHandleCount
GetStdHandle
CompareStringA
EnterCriticalSection
GetCurrentThread
SetLastError
GetTimeFormatA
GetCommandLineA
QueryPerformanceCounter
ExitProcess
LCMapStringA
IsValidLocale
GetLocaleInfoW
HeapFree
wininet
InternetShowSecurityInfoByURLA
InternetGetCookieA
InternetQueryOptionW
FtpRenameFileW
HttpCheckDavCompliance
RunOnceUrlCache
FindNextUrlCacheGroup
FindFirstUrlCacheEntryA
FtpSetCurrentDirectoryW
InternetTimeFromSystemTimeA
InternetGoOnline
InternetAutodialHangup
FindFirstUrlCacheEntryExA
InternetSecurityProtocolToStringW
DeleteUrlCacheContainerA
InternetQueryDataAvailable
FindNextUrlCacheEntryA
InternetGetConnectedStateExA
CommitUrlCacheEntryA
GopherCreateLocatorA
InternetConfirmZoneCrossingA
Sections
.text Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 111KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ