2c2498a6f8ccf3c916a69dfe97507151_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c2498a6f8ccf3c916a69dfe97507151_JaffaCakes118
Size

471KB
MD5

2c2498a6f8ccf3c916a69dfe97507151
SHA1

801d7578a1b6edd640fd3ca35e2bac5412dc71a3
SHA256

e312d9482795298cf98d42fda23f42039abf262d243dfc624d39cc56c25b54ee
SHA512

ba5069ea2e766ef791322d44c5df40617559a85d27a0dbe0c408a4c4fa20c7f307d3029d93df950b5df2f682f352534596d15e260c4b028f4fb2a5d9f7dfee17
SSDEEP

12288:XxqdsbBgDb6/Agu6opb3ym8n/BRQXK9XtpSV8238yHYjqcJT:lDNu6oxFw/BqktpFkAq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2498a6f8ccf3c916a69dfe97507151_JaffaCakes118

Files

2c2498a6f8ccf3c916a69dfe97507151_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27f5284991caf60e49932a314360ddff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetEnvironmentStringsW
VirtualProtect
GetCurrentThread
RtlUnwind
LCMapStringW
GetCommandLineA
GetCurrentProcess
InitializeCriticalSection
VirtualAlloc
TlsFree
UnhandledExceptionFilter
HeapReAlloc
GetVersionExA
CompareStringW
GetUserDefaultLCID
GetOEMCP
WriteFile
GetModuleFileNameA
GetStdHandle
LCMapStringA
ExitProcess
GetSystemInfo
IsValidLocale
SetEnvironmentVariableA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
IsBadWritePtr
GetLocaleInfoW
TlsAlloc
QueryPerformanceCounter
CompareStringA
TlsGetValue
FreeEnvironmentStringsW
VirtualQuery
GetCurrentThreadId
GetLocaleInfoA
HeapAlloc
HeapDestroy
HeapFree
HeapValidate
TerminateProcess
GetCurrentProcessId
GetCPInfo
LeaveCriticalSection
IsValidCodePage
GetLongPathNameA
SetLastError
GetLastError
GetTimeFormatA
MultiByteToWideChar
GetStartupInfoA
TlsSetValue
WideCharToMultiByte
EnterCriticalSection
GetDateFormatA
GetModuleHandleA
DeleteCriticalSection
GetStringTypeW
GetACP
GetProfileIntA
HeapSize
FreeEnvironmentStringsA
EnumSystemLocalesA
GetFileType
SetHandleCount
GetProcAddress
GetTimeZoneInformation
HeapCreate
GetEnvironmentStrings
VirtualFree
InterlockedExchange

wininet

RetrieveUrlCacheEntryStreamW
InternetSecurityProtocolToStringW
FtpFindFirstFileA
InternetFindNextFileA
InternetOpenUrlW
FtpGetCurrentDirectoryW
FtpCreateDirectoryW
GetUrlCacheHeaderData
InternetGoOnline
DeleteUrlCacheEntry
InternetCanonicalizeUrlW
InternetDialW
DeleteUrlCacheEntryW
InternetWriteFileExW
InternetWriteFile
HttpEndRequestA
GetUrlCacheEntryInfoExW
ShowSecurityInfo
FindFirstUrlCacheEntryW
InternetAlgIdToStringA
HttpSendRequestW
InternetSetOptionW
UrlZonesDetach
FtpRemoveDirectoryA
InternetCreateUrlW

gdi32

SetPaletteEntries
GetCurrentPositionEx
RectVisible

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f5284991caf60e49932a314360ddff

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

Sections

.text Size: 148KB - Virtual size: 148KB

.data Size: 311KB - Virtual size: 320KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 148KB - Virtual size: 148KB

.data
Size: 311KB - Virtual size: 320KB

.rsrc
Size: 10KB - Virtual size: 10KB