Static task: static1
Behavioral task: behavioral1
Sample: 1409bbf7d7fe071be18f2efe22359fd7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 1409bbf7d7fe071be18f2efe22359fd7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 1409bbf7d7fe071be18f2efe22359fd7_JaffaCakes118
Size: 308KB
MD5: 1409bbf7d7fe071be18f2efe22359fd7
SHA1: 3f97128fb9cf0ee4eb7a58bfda697e4d1b0e361a
SHA256: f4df80496422794001649ece9b12638c5a67bb3f2151a40b1347597dd9b053e1
SHA512: 2e401e5008bab2af5595cba68336f95511427c603d7990b5fe4a4aae78646623767eec5919dd9a4a16f77e63c2edf0b3aba91bc434c12dd919e0ba99018fbc4c
SSDEEP: 6144:el3amsBpuJK9v/CkFeppBoR0UwZQXU8QBixBC9NLxLipr59BrsQFm:etamsBpuJcv/CkFeppBoGUwZQk8QBOBz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1409bbf7d7fe071be18f2efe22359fd7_JaffaCakes118
Files
1409bbf7d7fe071be18f2efe22359fd7_JaffaCakes118.exe windows:4 windows x86 arch:x86
c682ae189907f508ad9332ca9a6d22be
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
IsBadWritePtr
IsValidLocale
TlsFree
GetProcAddress
LCMapStringA
HeapReAlloc
TlsSetValue
GetCommandLineW
GetUserDefaultLCID
GetCurrentProcessId
VirtualFree
FlushFileBuffers
GetOEMCP
VirtualProtect
GetModuleHandleA
LCMapStringW
SuspendThread
WideCharToMultiByte
SetFilePointer
GetStdHandle
InterlockedDecrement
GetDateFormatA
InitializeCriticalSection
OutputDebugStringA
EnumSystemLocalesA
GetTimeFormatA
DeleteCriticalSection
EnumSystemCodePagesW
ExitProcess
GetTickCount
DebugBreak
UnhandledExceptionFilter
HeapFree
GetLastError
GetModuleFileNameA
HeapDestroy
LoadLibraryA
QueryPerformanceCounter
GetFileType
VirtualAlloc
LeaveCriticalSection
GetCurrentThread
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLocaleInfoA
GetStartupInfoA
GetStringTypeW
SetLastError
WriteFile
IsValidCodePage
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetLocaleInfoW
GetACP
FindFirstFileA
GetModuleFileNameW
GetStartupInfoW
FreeEnvironmentStringsW
TlsAlloc
SetConsoleCtrlHandler
HeapValidate
FreeEnvironmentStringsA
GetStringTypeA
SetStdHandle
EnterCriticalSection
IsBadReadPtr
TlsGetValue
GetSystemInfo
CloseHandle
InterlockedExchange
GetVersionExA
GetTimeZoneInformation
GetEnvironmentStringsW
SetEnvironmentVariableA
GetCommandLineA
GetCPInfo
MultiByteToWideChar
InterlockedIncrement
HeapAlloc
SetHandleCount
CompareStringW
CompareStringA
wininet
CommitUrlCacheEntryW
FtpFindFirstFileA
GopherGetLocatorTypeW
InternetTimeToSystemTime
HttpOpenRequestA
FindFirstUrlCacheEntryA
SetUrlCacheEntryGroupA
SetUrlCacheEntryGroup
FtpGetFileEx
RetrieveUrlCacheEntryStreamA
GopherGetAttributeA
HttpSendRequestExW
InternetQueryOptionA
FtpPutFileA
FtpCommandA
InternetQueryOptionW
InternetSetOptionExW
InternetCreateUrlW
InternetAttemptConnect
InternetErrorDlg
IncrementUrlCacheHeaderData
InternetAutodial
Sections
.text Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ