3a78b3b3c3a01d636e7782e1f43fa88a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a78b3b3c3a01d636e7782e1f43fa88a_JaffaCakes118
Size

451KB
MD5

3a78b3b3c3a01d636e7782e1f43fa88a
SHA1

a9f907fbb83864762603317794429f16656ee7a6
SHA256

599f0cb5e384a736aa31845acef979d929354231e2669d8f36bbdf99202dc5a7
SHA512

c2306d37bb899d9b22341a84ea6fc1761e12ee1d649773a51ea203513cc103cb7d86ce3a4da37f0809b8f8fc088907173a479506ed02aa792a73ebaac7a594e0
SSDEEP

12288:BWHEmxLN4dKyqt4LofUPSHyRWs/06LKze2Bmosu3h9WDO3oF:1UL6PguDVKVPX3h9WDOy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a78b3b3c3a01d636e7782e1f43fa88a_JaffaCakes118

Files

3a78b3b3c3a01d636e7782e1f43fa88a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d21f21b17401c958733738ec45cc91e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
Sleep
GetTimeFormatA
SetPriorityClass
RtlUnwind
GetFileType
GetCompressedFileSizeW
GetCurrentProcess
GetCommandLineW
VirtualAlloc
GetVersionExA
GetStringTypeA
HeapReAlloc
FreeLibrary
EnumCalendarInfoExA
FreeEnvironmentStringsA
GetVersion
UnhandledExceptionFilter
GetModuleFileNameA
SetVolumeLabelA
GetEnvironmentStringsW
TlsSetValue
DeleteCriticalSection
GetEnvironmentStrings
SetUnhandledExceptionFilter
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThread
CreateMailslotA
GetProcessHeap
QueryPerformanceCounter
LCMapStringA
InitializeCriticalSection
VirtualFree
HeapSize
IsValidCodePage
GlobalUnfix
HeapAlloc
GetCPInfo
HeapFree
GetCurrentDirectoryA
SetHandleCount
GetCurrentProcessId
LockFileEx
GetLastError
SetLastError
InterlockedIncrement
GetOEMCP
GetVolumeInformationA
EnterCriticalSection
GetLocaleInfoA
GetDriveTypeW
MultiByteToWideChar
InterlockedDecrement
FreeEnvironmentStringsW
CreateSemaphoreW
SetEnvironmentVariableA
SetConsoleCtrlHandler
LeaveCriticalSection
TlsGetValue
GetSystemTime
HeapDestroy
TlsFree
FillConsoleOutputCharacterW
ResumeThread
GetModuleFileNameW
GetProcAddress
EnumSystemLocalesA
GetACP
FlushFileBuffers
GetStringTypeW
InterlockedExchange
WideCharToMultiByte
LCMapStringW
GetCommandLineA
VirtualQuery
IsValidLocale
IsDebuggerPresent
FindNextChangeNotification
GetTimeZoneInformation
GetCurrentThreadId
GetStartupInfoW
EnumCalendarInfoExW
TerminateProcess
CompareStringW
GetStdHandle
LockResource
WriteFile
HeapCreate
GetDateFormatA
GetLocaleInfoW
lstrcpynW
ExitProcess
GetUserDefaultLCID
TlsAlloc
GetStartupInfoA
GetModuleHandleA

comdlg32

LoadAlterBitmap
PrintDlgA
GetFileTitleA
GetSaveFileNameW
PrintDlgW
ChooseFontW
ReplaceTextW
GetFileTitleW
ChooseColorW
PageSetupDlgA

wininet

DeleteUrlCacheContainerW
UnlockUrlCacheEntryStream
InternetShowSecurityInfoByURLA
CommitUrlCacheEntryA
InternetTimeToSystemTime
InternetSetOptionExW
SetUrlCacheGroupAttributeA
SetUrlCacheEntryInfoW
InternetWriteFileExW
CommitUrlCacheEntryW
HttpQueryInfoA
FtpGetFileSize
InternetGetConnectedStateExA
IsHostInProxyBypassList
InternetReadFile

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d21f21b17401c958733738ec45cc91e

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

Sections

.text Size: 129KB - Virtual size: 128KB

.data Size: 311KB - Virtual size: 340KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 129KB - Virtual size: 128KB

.data
Size: 311KB - Virtual size: 340KB

.rsrc
Size: 10KB - Virtual size: 10KB