Static task: static1
Behavioral task: behavioral1 | Sample: 3ea0716ca8736d3d8abfe20bbab09d50_JaffaCakes118.exe | Resource: win7-20240903-en
Behavioral task: behavioral2 | Sample: 3ea0716ca8736d3d8abfe20bbab09d50_JaffaCakes118.exe | Resource: win10v2004-20241007-en
General
Target: 3ea0716ca8736d3d8abfe20bbab09d50_JaffaCakes118
Size: 262KB
MD5: 3ea0716ca8736d3d8abfe20bbab09d50
SHA1: 5356f7870e219e96a2dd61fb93d11cd20253437d
SHA256: ea4ad39eed219568242d658d45ee2f74e6b9dd6091d96ca034c94871eba61816
SHA512: 72b2484389c283f580ea17a98842a8b7fbab8ad997f4bb58238d257b993b2e5063a92a8e1825dbd6650aa597bced6aea7a343f6b636cd2e15e39dfd4d0608a7b
SSDEEP: 6144:v5vWSzHYGDlCjKdElrKPUXXREk+2ar3KSWutXQ9qSvIzb96OR92px1LPYDTWdUsv:BOSzHLDlCjKdElrKPUXXREB2ar3K1uWJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ea0716ca8736d3d8abfe20bbab09d50_JaffaCakes118
Files
3ea0716ca8736d3d8abfe20bbab09d50_JaffaCakes118.exe windows:4 windows x86 arch:x86
898811e99cfa2e62a5e3985333be52c1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
InsertMenuA
FillRect
comdlg32
GetOpenFileNameA
GetOpenFileNameW
ReplaceTextA
PrintDlgW
FindTextA
FindTextW
LoadAlterBitmap
GetSaveFileNameW
PrintDlgA
wininet
InternetOpenUrlW
InternetSetCookieW
FtpGetCurrentDirectoryW
InternetSecurityProtocolToStringA
GetUrlCacheConfigInfoA
SetUrlCacheGroupAttributeA
InternetCrackUrlW
InternetAlgIdToStringA
InternetFindNextFileA
HttpAddRequestHeadersA
RetrieveUrlCacheEntryStreamW
InternetTimeToSystemTimeA
InternetSecurityProtocolToStringW
InternetOpenUrlA
HttpSendRequestExA
FtpDeleteFileA
gdi32
RestoreDC
DPtoLP
GdiPlayScript
kernel32
VirtualFree
EnterCriticalSection
UnhandledExceptionFilter
SetHandleCount
HeapCreate
GetVersion
EnumResourceNamesW
InterlockedExchange
GetCurrentProcessId
HeapReAlloc
LoadLibraryExW
GetCurrentThreadId
GetSystemTimeAsFileTime
WideCharToMultiByte
VirtualQuery
GetStdHandle
VirtualAlloc
GetLastError
GetExitCodeProcess
TlsSetValue
DeleteCriticalSection
ExitProcess
GetCurrentProcess
LeaveCriticalSection
GetProcessShutdownParameters
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetDateFormatW
GetStringTypeW
InitializeCriticalSection
GetCommandLineA
SetLastError
TlsGetValue
GetModuleFileNameA
SetTimeZoneInformation
LCMapStringW
GetStringTypeA
RtlUnwind
GetCurrentThread
FreeEnvironmentStringsW
GetCPInfo
LoadLibraryA
GetFileType
MultiByteToWideChar
QueryPerformanceCounter
GetModuleHandleA
GetOEMCP
FreeEnvironmentStringsA
LCMapStringA
GetProcAddress
GetProfileStringA
GetSystemDefaultLCID
TlsFree
GetStartupInfoA
TerminateProcess
GetEnvironmentStrings
HeapDestroy
TlsAlloc
GetTickCount
HeapFree
IsBadWritePtr
GetACP
shell32
RealShellExecuteExW
ExtractIconExW
SHBrowseForFolderA
SHFileOperationA
SHEmptyRecycleBinW
SHGetInstanceExplorer
ShellExecuteEx
SHQueryRecycleBinW
SHFileOperation
Sections
.text Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ