183ec20c3cb063bc47a4b6fbba4daa67_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

183ec20c3cb063bc47a4b6fbba4daa67_JaffaCakes118
Size

314KB
MD5

183ec20c3cb063bc47a4b6fbba4daa67
SHA1

527fdfbe363f58ea22323edcb57b4f8f01eae85f
SHA256

01be64979bf189e9d6c651852609fb3343ae0c45d4dcd336f9998111d4f7ff35
SHA512

1ecf54c9a0d3cae737f7427389deb4b480b820bf3572d5b7b351e821abef5717b536c8f4b9812bda6fb43a9c5a37e85b04314b596a08d1e324dc7ed2944951a1
SSDEEP

6144:ub/FlX9Z3niuUIKVoCEJ/HE5opo3lZgY+VNf8bR64+5PpCMpDLv7:I/FlX9Z37cEJ/HtKlZgYbbUVpCMpn7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
183ec20c3cb063bc47a4b6fbba4daa67_JaffaCakes118

Files

183ec20c3cb063bc47a4b6fbba4daa67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc5154472118b2ad000a7e1aeea5b3c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
EnumSystemLocalesA
LeaveCriticalSection
CompareStringA
RtlUnwind
GetVersionExA
ReadFile
GetCurrentProcess
GetStringTypeA
VirtualAlloc
SetHandleCount
LCMapStringA
HeapReAlloc
GetLocaleInfoW
GetStartupInfoA
GetLocaleInfoA
GetCPInfo
SetEnvironmentVariableA
GetModuleFileNameA
GetCurrentThread
GetUserDefaultLCID
ExitProcess
GetEnvironmentStringsW
GetTimeZoneInformation
HeapSize
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeW
GetACP
InterlockedIncrement
QueryPerformanceCounter
WideCharToMultiByte
TlsAlloc
GetConsoleTitleW
Sleep
UnhandledExceptionFilter
FreeLibrary
HeapAlloc
GetProcessHeap
HeapFree
CompareStringW
SetLastError
GetCurrentProcessId
MultiByteToWideChar
HeapCreate
GetTimeFormatA
TlsGetValue
InterlockedDecrement
FreeEnvironmentStringsW
GetFileType
HeapDestroy
GetCommandLineA
IsValidLocale
TlsFree
GetProcessShutdownParameters
DeleteCriticalSection
GetModuleHandleA
UnlockFile
GetEnvironmentStrings
LocalSize
GetDiskFreeSpaceA
SetUnhandledExceptionFilter
EnumResourceLanguagesA
SetFileAttributesA
FreeEnvironmentStringsA
InitializeCriticalSection
GetProcAddress
GetLastError
GetOEMCP
EnterCriticalSection
LCMapStringW
InterlockedExchange
IsDebuggerPresent
WriteFile
GetStdHandle
VirtualQuery
VirtualFree
TlsSetValue
WaitForDebugEvent
SetConsoleCtrlHandler
GetCurrentThreadId
IsValidCodePage
GetFileTime
TerminateProcess

wininet

InternetTimeToSystemTimeW
CreateUrlCacheGroup
IsUrlCacheEntryExpiredA
IncrementUrlCacheHeaderData
GopherCreateLocatorW
InternetAttemptConnect
HttpOpenRequestW
InternetCloseHandle
InternetDialA
FtpFindFirstFileW
FtpGetFileW
CreateUrlCacheContainerA
GetUrlCacheConfigInfoA

user32

CharToOemA
CharPrevExA
EndPaint
GetKeyboardLayoutNameW
GetScrollInfo

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc5154472118b2ad000a7e1aeea5b3c2

Headers

File Characteristics

Imports

kernel32

wininet

user32

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 142KB - Virtual size: 141KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 11KB - Virtual size: 11KB