44cd00afa455c3ad6ea72fb73c952625_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44cd00afa455c3ad6ea72fb73c952625_JaffaCakes118
Size

239KB
MD5

44cd00afa455c3ad6ea72fb73c952625
SHA1

da25983c1af789331373982246bff2de57b278d9
SHA256

ce7a87bd30d6446277e311c6370c14afd4bbb351b5b087ff88dc93710fdbb653
SHA512

534adb09ea5bd2d6e48dfa9e6b0f587a5aab6f7fe5338d4d01afbaece424d9e2584000cbc1c8cbb91224a979548eeebad5146b82bf1bfce75631501d91bf29fd
SSDEEP

6144:X/7XQy2qvivY29meOmZWm+hvYbxdiF0ZM9+NSJH7NU2zje3u:zXoqvn29meOmZahqxMF0ZDNSJppzj6u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44cd00afa455c3ad6ea72fb73c952625_JaffaCakes118

Files

44cd00afa455c3ad6ea72fb73c952625_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4be16079aa109a39f58db2cdeb2129c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
VirtualFree
IsBadWritePtr
CreateProcessA
RtlUnwind
GetStartupInfoW
GetStringTypeA
GetCurrentProcess
GetLocaleInfoA
VirtualAlloc
LCMapStringA
HeapSize
HeapReAlloc
GetEnvironmentStrings
DeleteFileW
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
GetModuleFileNameA
FreeEnvironmentStringsW
GetStartupInfoA
ExitProcess
GetCommandLineA
GetOEMCP
GetSystemInfo
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetLocaleInfoW
EnterCriticalSection
GetUserDefaultLCID
QueryPerformanceCounter
TlsSetValue
SetEnvironmentVariableA
FindAtomW
MultiByteToWideChar
TlsFree
DeleteCriticalSection
HeapAlloc
GetFileType
HeapFree
ReadConsoleA
LCMapStringW
GetCurrentProcessId
GetAtomNameW
GetStdHandle
GetModuleFileNameW
SetLastError
GetTimeZoneInformation
CompareStringW
GetCommandLineW
GetStringTypeW
FreeEnvironmentStringsA
WideCharToMultiByte
SetHandleCount
GetPrivateProfileStructW
GetTempPathW
GetModuleHandleA
WriteFile
VirtualProtect
WritePrivateProfileStringW
GetCompressedFileSizeA
LeaveCriticalSection
FreeResource
GetSystemDefaultLCID
CompareStringA
GetTimeFormatA
GetProcAddress
GetCurrentThread
GetEnvironmentStringsW
RtlMoveMemory
InitializeCriticalSection
InterlockedExchange
GetVersionExA
UnhandledExceptionFilter
GetLastError
VirtualQuery
TlsGetValue
TlsAlloc
ReadConsoleInputW
IsValidCodePage
GetCurrentThreadId
HeapCreate
lstrcpyA
TerminateProcess
GetCPInfo
HeapDestroy
GlobalSize

wininet

DeleteUrlCacheEntryA
DetectAutoProxyUrl
LoadUrlCacheContent
RegisterUrlCacheNotification
FindNextUrlCacheEntryExW
FtpCommandA
HttpAddRequestHeadersA
InternetCombineUrlA
InternetTimeToSystemTimeA
FindNextUrlCacheContainerA
InternetCheckConnectionW
InternetQueryOptionW
DeleteUrlCacheContainerA
GopherCreateLocatorA
GetUrlCacheConfigInfoA
FtpRenameFileW
InternetGetLastResponseInfoW

comdlg32

GetFileTitleW
GetFileTitleA
PrintDlgA
FindTextA

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4be16079aa109a39f58db2cdeb2129c3

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 110KB - Virtual size: 117KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 110KB - Virtual size: 117KB

.rsrc
Size: 11KB - Virtual size: 11KB