3a974f52a87dbbc7ac604c96909dd6a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a974f52a87dbbc7ac604c96909dd6a7_JaffaCakes118
Size

434KB
MD5

3a974f52a87dbbc7ac604c96909dd6a7
SHA1

78583ab7cdffb87371bbd150a4a041c4a6e120a6
SHA256

ad80f854219c75556dfed1f3386ccc28f9817a5b705515d3608eb91d53576412
SHA512

67e12bb8828fe0d13b1c103c5cebc73d62ad1886a3de1fa4ee82d869fa99260a6548aaf616591001b3f1d2f2de0dd922d5248f8112b09082a6ed696dfa075a44
SSDEEP

12288:srTn33ZQr+Xe80aSvDyG8Aqls46trDNWzTIKdjbMz0:aTn3JQ610t81cu9j4z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a974f52a87dbbc7ac604c96909dd6a7_JaffaCakes118

Files

3a974f52a87dbbc7ac604c96909dd6a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6de855bf24c3271144963a88cf01b5ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StartDocW
GetColorAdjustment
CloseFigure
ColorMatchToTarget
GetEnhMetaFileA
GetColorSpace
GetRegionData

wininet

FreeUrlCacheSpaceA
GopherGetAttributeA
FindNextUrlCacheEntryExA
ShowSecurityInfo
ShowCertificate
InternetAttemptConnect
FtpSetCurrentDirectoryW
CommitUrlCacheEntryW
DeleteUrlCacheEntryA

shell32

SHAddToRecentDocs
RealShellExecuteExA
SHFileOperationW
SHQueryRecycleBinA
ShellExecuteExA
SHGetInstanceExplorer
ExtractIconA

advapi32

LookupPrivilegeNameA
CryptEnumProvidersA
CryptSetHashParam
LookupPrivilegeDisplayNameW
CryptSetProviderA
CryptHashData
CryptContextAddRef
CryptGenRandom

kernel32

TlsGetValue
GetStringTypeExA
TlsFree
IsBadWritePtr
GetModuleFileNameW
GetLastError
TlsSetValue
InterlockedExchange
GetCurrentProcessId
HeapReAlloc
DosDateTimeToFileTime
GetCurrentThreadId
GetSystemTimeAsFileTime
ReadConsoleW
VirtualQuery
GetEnvironmentStrings
VirtualAlloc
GetCommandLineA
VirtualAllocEx
TlsAlloc
GetDiskFreeSpaceW
ExitProcess
GetCurrentProcess
HeapDestroy
VirtualFree
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetProcessAffinityMask
GetFileType
GetStartupInfoW
TryEnterCriticalSection
LeaveCriticalSection
SetLastError
GetModuleFileNameA
SetFileAttributesW
HeapCreate
GetEnvironmentStringsW
RtlUnwind
DeleteCriticalSection
GetDateFormatW
IsValidLocale
LoadLibraryA
FreeEnvironmentStringsW
InitializeCriticalSection
QueryPerformanceCounter
GetModuleHandleA
GetCommandLineW
SystemTimeToFileTime
GetVersion
GetProcAddress
UnlockFile
CreateToolhelp32Snapshot
SetHandleCount
GetCurrentThread
TerminateProcess
EnterCriticalSection
GetStartupInfoA
MultiByteToWideChar
WriteFile
HeapFree
GetStdHandle
GetLocaleInfoW
FindAtomW
GetTickCount

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6de855bf24c3271144963a88cf01b5ba

Headers

File Characteristics

Imports

gdi32

wininet

shell32

advapi32

kernel32

Sections

.text Size: 128KB - Virtual size: 128KB

.data Size: 302KB - Virtual size: 302KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 128KB - Virtual size: 128KB

.data
Size: 302KB - Virtual size: 302KB

.rsrc
Size: 2KB - Virtual size: 2KB