Static task
static1
Behavioral task
behavioral1
Sample
181d7ad6b8c19eefada53f32e0d278bc_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
181d7ad6b8c19eefada53f32e0d278bc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
181d7ad6b8c19eefada53f32e0d278bc_JaffaCakes118
Size
272KB
MD5
181d7ad6b8c19eefada53f32e0d278bc
SHA1
815af2b43c82e67726f64d852b42085d89657d31
SHA256
e148e9fb3d8706acd63cf47e1e5cd07dc0bd7cb46940fdc0d1d3e482472d0f2c
SHA512
5d17d7b23acc60626aba9cfd84859f1e7295214a9e2a57727a20dd3da540d3a5a351adf69934ee7290fc5f469be385650b690e5e8bd6276d68e2b5dd4d229656
SSDEEP
6144:LOLu1KZbMR8PeqotvsdRF0nujqWqNga59nc2Eeghi4uTShnlXxQD/mVrS0:LO4KdreqotvszF0GWNgaXcHeghiP2lXf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 181d7ad6b8c19eefada53f32e0d278bc_JaffaCakes118
Files
181d7ad6b8c19eefada53f32e0d278bc_JaffaCakes118.exe windows:4 windows x86 arch:x86
b464a403e56b331c356a9ce68c6d4329
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHFileOperation
DuplicateIcon
DragFinish
ExtractAssociatedIconExW
RealShellExecuteA
RealShellExecuteExA
DoEnvironmentSubstW
DragQueryFileW
wininet
FtpGetCurrentDirectoryA
FtpFindFirstFileA
InternetOpenUrlA
InternetCanonicalizeUrlA
FindFirstUrlCacheContainerA
InternetCheckConnectionW
SetUrlCacheGroupAttributeW
InternetCheckConnectionA
LoadUrlCacheContent
RetrieveUrlCacheEntryStreamW
user32
DdeQueryStringA
OffsetRect
GetWindowTextLengthA
SetRect
CallWindowProcA
SystemParametersInfoW
GetMessageExtraInfo
comdlg32
ChooseFontW
FindTextW
PrintDlgA
GetOpenFileNameW
ChooseColorA
kernel32
HeapCreate
VirtualQueryEx
GetUserDefaultLCID
GetOEMCP
InterlockedDecrement
GetCurrentThread
SetThreadAffinityMask
InterlockedExchange
SetLastError
HeapReAlloc
LCMapStringW
GetCurrentThreadId
Sleep
SetEnvironmentVariableA
VirtualQuery
GetACP
VirtualAlloc
VirtualFree
SetLocalTime
GetTimeZoneInformation
MultiByteToWideChar
ExitProcess
GetCurrentProcess
LCMapStringA
HeapSize
HeapAlloc
HeapDestroy
EnterCriticalSection
GlobalAddAtomA
GetCommandLineA
GetEnvironmentStringsW
CompareStringA
GetStdHandle
GetTimeFormatA
GetModuleFileNameA
GetStartupInfoA
TlsFree
GetCPInfo
IsDebuggerPresent
CompareStringW
CreateSemaphoreA
HeapValidate
LoadLibraryA
EnumSystemLocalesA
TlsSetValue
TlsGetValue
GetModuleHandleA
FreeEnvironmentStringsW
CreateToolhelp32Snapshot
IsValidLocale
GetProcAddress
ConnectNamedPipe
TlsAlloc
GetStringTypeW
FreeLibrary
TerminateProcess
DeleteCriticalSection
GetEnvironmentStrings
GetStringTypeA
InitializeCriticalSectionAndSpinCount
HeapFree
GetFileType
GetMailslotInfo
IsValidCodePage
GetTickCount
WriteFile
UnhandledExceptionFilter
RtlUnwind
InterlockedIncrement
GetLastError
SetHandleCount
UnmapViewOfFile
FreeEnvironmentStringsA
CreateFileMappingA
LeaveCriticalSection
ReadConsoleOutputCharacterW
GetLocaleInfoW
GetCurrentProcessId
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
GetLocaleInfoA
QueryPerformanceCounter
GetModuleHandleW
EnumResourceLanguagesW
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
GetDateFormatA
advapi32
RegQueryValueA
CryptVerifySignatureA
CreateServiceW
CryptSetProviderW
RegCreateKeyW
CryptImportKey
CryptDestroyKey
DuplicateTokenEx
CryptGetHashParam
LookupAccountNameA
CryptAcquireContextA
CryptGenKey
RegEnumValueW
StartServiceA
LogonUserW
StartServiceW
RegConnectRegistryW
CryptDecrypt
RegSetValueW
LookupSecurityDescriptorPartsW
Sections
.text Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ