2c839df4460a222fe13d508dd1a3f3c9_JaffaCakes118

General

Target

2c839df4460a222fe13d508dd1a3f3c9_JaffaCakes118
Size

213KB
MD5

2c839df4460a222fe13d508dd1a3f3c9
SHA1

ee64729dfdb5fe32b09acca961f8220c502342de
SHA256

ff68d11fbaacb611de6a7390af2501f124f831386de92ca1971266a40e17790b
SHA512

4aaa24e4752062a21628f2c97c1bff2d07ed40af62ef7c7eda3b72632dc0ea6c937744535f1f807a41ee53442a8ac8da9cfe9689dc3de5f24c1a5ee9707cb987
SSDEEP

6144:WO7H731Pmd0TpDr+NxzF9tcNYVV88KjeIqVHfnVokCZa:WOr7313Zraxz9u6CTYVHtCZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c839df4460a222fe13d508dd1a3f3c9_JaffaCakes118

Files

2c839df4460a222fe13d508dd1a3f3c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25658022363807ec08a822f770feb558

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetVersion
GetStdHandle
GetStartupInfoA
RtlUnwind
GetCommandLineA
GetModuleFileNameW
GetCurrentProcess
GetProcAddress
VirtualAlloc
HeapCreate
TlsSetValue
HeapReAlloc
VirtualFree
FreeEnvironmentStringsW
UnhandledExceptionFilter
LeaveCriticalSection
InterlockedExchange
GetModuleFileNameA
SetHandleCount
GetModuleHandleA
ExitProcess
TlsFree
GetStartupInfoW
EnterCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
WriteFile
IsBadWritePtr
GetCurrentThread
QueryPerformanceCounter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStringsW
VirtualQuery
GetCurrentThreadId
InitializeCriticalSection
HeapAlloc
GetFileType
HeapFree
DeleteCriticalSection
TerminateProcess
GetCurrentProcessId
GetLastError
TlsAlloc
GetCommandLineW
GetUserDefaultLCID
GetEnvironmentStrings
HeapDestroy
TlsGetValue

wininet

IncrementUrlCacheHeaderData
FtpRemoveDirectoryA
CreateUrlCacheEntryW
InternetShowSecurityInfoByURLW
GetUrlCacheEntryInfoExW
InternetCreateUrlW
RetrieveUrlCacheEntryFileA
HttpSendRequestW

comdlg32

GetOpenFileNameW
LoadAlterBitmap
PrintDlgA
GetSaveFileNameA
FindTextA
GetFileTitleA
ReplaceTextA
ReplaceTextW
GetSaveFileNameW
PageSetupDlgW

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25658022363807ec08a822f770feb558

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

Sections

.text Size: 103KB - Virtual size: 103KB

.data Size: 104KB - Virtual size: 131KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 103KB

.data
Size: 104KB - Virtual size: 131KB

.rsrc
Size: 4KB - Virtual size: 4KB