12d62522d007508f23d910ec026e20ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12d62522d007508f23d910ec026e20ea_JaffaCakes118
Size

245KB
MD5

12d62522d007508f23d910ec026e20ea
SHA1

3979b475247da4187d95c0d189fa119e8e49005e
SHA256

e9b5c2a5d710a240402f88529a0e2deaf2970660b7eff9820e08d2222e6b17fa
SHA512

ed2f715fb8991e9acf1fa361cf888ba65472104e21417cfc0511cddd3050ce928d02d35373ae5ae8f30157c758d3edff85729b87578475d8b72dd492ab887a3a
SSDEEP

6144:fjjUOwBDk6cH/5GqfY1tB4NDWBnsjTsCa:fHURo6tBMDgns3ha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d62522d007508f23d910ec026e20ea_JaffaCakes118

Files

12d62522d007508f23d910ec026e20ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c5f61fb71089138b463cc74f95d5d22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

ReadUrlCacheEntryStream
InternetReadFileExW
FindFirstUrlCacheGroup
FtpFindFirstFileW
GopherOpenFileW
SetUrlCacheConfigInfoW
HttpOpenRequestA
DeleteUrlCacheEntryW
InternetCreateUrlW
HttpSendRequestA
LoadUrlCacheContent
InternetCrackUrlW
SetUrlCacheEntryGroup
SetUrlCacheEntryGroupA
InternetGoOnline
FtpOpenFileA
GetUrlCacheEntryInfoW
GetUrlCacheConfigInfoA
InternetTimeFromSystemTimeA

user32

GetMonitorInfoW
EnumDisplaySettingsExW
SetUserObjectSecurity
MsgWaitForMultipleObjectsEx
SetMenuItemInfoW
SetMenu
ScrollDC
IsClipboardFormatAvailable
InSendMessageEx
DlgDirSelectComboBoxExW
SetDlgItemInt
CreateDesktopW
SetActiveWindow
ArrangeIconicWindows
InSendMessage
CreateMenu
SetLastErrorEx
RegisterDeviceNotificationW
DefWindowProcA
FindWindowW
VkKeyScanExW
GetListBoxInfo
EnumThreadWindows
DrawTextA

gdi32

SetMiterLimit
GetTextCharacterExtra
UpdateICMRegKeyW
SetMetaRgn
DeleteEnhMetaFile
CreateBitmapIndirect
DeleteObject
GetWindowOrgEx
CreatePen
CombineTransform
CancelDC
GetBitmapBits

comdlg32

PrintDlgA

kernel32

SetLastError
GetCurrentProcessId
GetTimeZoneInformation
SetVolumeLabelA
IsValidLocale
QueryPerformanceCounter
GetStartupInfoA
LCMapStringA
IsDebuggerPresent
GetStdHandle
FillConsoleOutputAttribute
RtlUnwind
GetStringTypeA
EnumSystemLocalesA
SetThreadIdealProcessor
TlsGetValue
GetTickCount
MultiByteToWideChar
EnumResourceLanguagesW
GetCPInfo
GetTimeFormatA
HeapReAlloc
CompareStringW
InterlockedExchange
EnterCriticalSection
GetModuleHandleA
WriteFile
HeapSize
IsBadWritePtr
GetEnvironmentStringsW
SetConsoleOutputCP
SetFileTime
CompareStringA
GetStringTypeW
GetLastError
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetProcAddress
TlsSetValue
HeapAlloc
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
LCMapStringW
DeleteCriticalSection
FreeEnvironmentStringsA
GetDateFormatA
HeapFree
GetACP
IsValidCodePage
GetCommandLineA
FreeEnvironmentStringsW
TlsFree
TerminateProcess
SetConsoleTitleW
GetCurrentProcess
VirtualQuery
SetHandleCount
SetConsoleMode
WideCharToMultiByte
WriteConsoleOutputCharacterW
GetExitCodeProcess
GetFileType
LoadLibraryA
GetCurrentThreadId
UnhandledExceptionFilter
VirtualFree
OpenFileMappingA
VirtualAlloc
SetEnvironmentVariableA
GetOEMCP
TlsAlloc
GetLocaleInfoW
HeapDestroy
GetSystemInfo
GetVersionExA
GetEnvironmentStrings
GetCurrentThread
ExitProcess
HeapCreate
GetLocaleInfoA
VirtualProtect

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c5f61fb71089138b463cc74f95d5d22

Headers

File Characteristics

Imports

wininet

user32

gdi32

comdlg32

kernel32

Sections

.text Size: 123KB - Virtual size: 122KB

.data Size: 110KB - Virtual size: 126KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 123KB - Virtual size: 122KB

.data
Size: 110KB - Virtual size: 126KB

.rsrc
Size: 11KB - Virtual size: 10KB