147cd601ba2c464fb914dc3b46f16efa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

147cd601ba2c464fb914dc3b46f16efa_JaffaCakes118
Size

249KB
MD5

147cd601ba2c464fb914dc3b46f16efa
SHA1

905de16130853714dffcf9e62d65b3d49ce01a31
SHA256

5078e7f7e64353c9a77870f9d415d406e9b273668796a44a0c35cb5589147369
SHA512

9b1349c2df731345277ce2f253642a972fca4055ddc77c2a56b21164495b5dc807bc9d31ebddf408e178358ccf0c42e0c831924cd6ed624b5be7c57794f493da
SSDEEP

6144:bAidUSdqXxthWxzILU/+mGS9q3BGr3TrT+ClJXYBcun/uEVfD6WXQ:bARur+0qEf+ClrunFVL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
147cd601ba2c464fb914dc3b46f16efa_JaffaCakes118

Files

147cd601ba2c464fb914dc3b46f16efa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c6ca2566ce6e9ccb8df953c2a395f61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleW
GetSaveFileNameW
GetFileTitleA
ChooseFontW
GetSaveFileNameA
ChooseColorA
LoadAlterBitmap

user32

TranslateAcceleratorA
DlgDirListA
DdeUninitialize
ClientToScreen
DdeCreateDataHandle
SetClassLongW
DdeImpersonateClient
ChangeDisplaySettingsExW
LoadAcceleratorsA
RegisterClassExW
WINNLSEnableIME
SetProcessDefaultLayout
GetMenuStringA
AppendMenuA
GetDlgCtrlID
EnumPropsExW
GetQueueStatus
IsCharLowerA
GetMenuItemCount
ChildWindowFromPoint
CharNextExA

wininet

FtpDeleteFileW
FtpOpenFileW
InternetReadFileExW
ShowSecurityInfo
FtpSetCurrentDirectoryW
CommitUrlCacheEntryA
GopherCreateLocatorA
SetUrlCacheEntryGroup
FtpCreateDirectoryA
InternetConfirmZoneCrossingW
DetectAutoProxyUrl
FtpDeleteFileA
InternetOpenW
InternetGetCertByURL
FindFirstUrlCacheContainerA
FindFirstUrlCacheContainerW
InternetGoOnline
SetUrlCacheConfigInfoA
IncrementUrlCacheHeaderData
DeleteUrlCacheContainerW
SetUrlCacheEntryInfoW

gdi32

SetWindowExtEx
FixBrushOrgEx
GetFontData
OffsetRgn
CreateDIBSection
SetMapperFlags
GetTextExtentPoint32W
UpdateICMRegKeyA
CreateEllipticRgn
CreateDCA

kernel32

GetStdHandle
FreeEnvironmentStringsW
UnhandledExceptionFilter
HeapAlloc
GetCommandLineA
VirtualAlloc
GetLastError
GetModuleHandleA
GetCurrentThreadId
SetHandleCount
GetCurrentProcessId
GetEnvironmentStrings
VirtualQuery
GetModuleFileNameA
LCMapStringA
GetFileType
WideCharToMultiByte
GetProcAddress
LeaveCriticalSection
GetCurrentProcess
WriteFile
VirtualFree
DeleteCriticalSection
GetCPInfo
IsBadWritePtr
ExitProcess
HeapCreate
CreateDirectoryA
TerminateProcess
MultiByteToWideChar
FreeEnvironmentStringsA
HeapFree
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
InitializeCriticalSection
TlsSetValue
GetACP
GetOEMCP
GetStartupInfoA
GetVersion
GetEnvironmentStringsW
HeapReAlloc
RtlUnwind
TlsGetValue
TlsFree
LCMapStringW
LoadModule
GetCurrentThread
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetStringTypeW
TlsAlloc
SetLastError
HeapDestroy
EnterCriticalSection

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c6ca2566ce6e9ccb8df953c2a395f61

Headers

File Characteristics

Imports

comdlg32

user32

wininet

gdi32

kernel32

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 6KB - Virtual size: 5KB