2672102d1a64040a6b9bd11a0e674117_JaffaCakes118

General

Target

2672102d1a64040a6b9bd11a0e674117_JaffaCakes118
Size

268KB
MD5

2672102d1a64040a6b9bd11a0e674117
SHA1

6a4a8f4ecb575d38712ef6d5be7435060d4563bc
SHA256

e670e0793c90722acea9d8e2589b0f4e2b98329b4e71c2265fce63ddc752f6cd
SHA512

63135a2bc0519296ef0daa7a7807da53fa7c5ab457bf4b02eaf5e5490dfa27ef63f751111727838f3ee149e3f84c758312fcde5cc3709f3532a19e5bfb805084
SSDEEP

6144:TE9Q2/S32sg9t5Qv1hMdEpfFx9l8k4nQ:KNs2sPT78k4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2672102d1a64040a6b9bd11a0e674117_JaffaCakes118

Files

2672102d1a64040a6b9bd11a0e674117_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b996468f93caa60cafa82f7c77c48059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
GetProcAddress
WriteFile
HeapReAlloc
TlsSetValue
GetACP
LCMapStringW
GetCurrentProcessId
HeapAlloc
SetVolumeLabelW
GetStdHandle
LeaveCriticalSection
GetModuleHandleA
GetSystemTime
FindNextFileA
IsBadReadPtr
InterlockedExchange
GetVersion
TlsFree
GetCommandLineA
TlsAlloc
FreeEnvironmentStringsA
WriteConsoleInputA
IsBadWritePtr
WriteProfileSectionA
lstrlenA
ExitProcess
GetTickCount
AddAtomW
TlsGetValue
HeapFree
GetFileType
GetModuleFileNameA
SetHandleCount
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
VirtualAlloc
VirtualFreeEx
GetCPInfo
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLastError
GetStringTypeA
HeapDestroy
LCMapStringA
GetModuleHandleW
VirtualFree
GetCurrentThread
GetSystemTimeAsFileTime
GetOEMCP
EnterCriticalSection
DuplicateHandle
GetStartupInfoA
GetStringTypeW
DeleteCriticalSection
CreateFileMappingW
InitializeCriticalSection
SetLastError
VirtualProtect
HeapCreate
GetEnvironmentStrings

wininet

UnlockUrlCacheEntryStream
IsHostInProxyBypassList
DeleteUrlCacheGroup
GetUrlCacheEntryInfoExA
InternetCombineUrlA
InternetGetLastResponseInfoA
InternetDial
InternetAutodial
HttpSendRequestExA

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b996468f93caa60cafa82f7c77c48059

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 132KB - Virtual size: 131KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 132KB - Virtual size: 131KB

.rsrc
Size: 3KB - Virtual size: 2KB