437eb3dfa180848f52af896fbcb96a37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

437eb3dfa180848f52af896fbcb96a37_JaffaCakes118
Size

495KB
MD5

437eb3dfa180848f52af896fbcb96a37
SHA1

ae18622219ed148691282ce647b4ff316d42de8e
SHA256

f44bef0c544e6ca2a4fd4126c38c87ec9f0af64ed2866452e5ac85a585fb4478
SHA512

fe11deefacb7594e86c6e57a9228f476a812a62c43cabc59b76bc5a7ccac25d3a17ebb72c969a1eeb0cee878a14c571aaf8d8fd4c63ca6d34c9c3a034a8060df
SSDEEP

12288:S9dzcT9GhDAO/kH8DYRiI5ohff2PHDi5JgGl1nsQxca65ps2J:09cT9MDc8VOPjijdxcaoi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
437eb3dfa180848f52af896fbcb96a37_JaffaCakes118

Files

437eb3dfa180848f52af896fbcb96a37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68022e23d719ea58f6e6a58482e5c7d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColorBrush
LoadIconW
RegisterClassA
ModifyMenuW
EndPaint
AnyPopup
InflateRect
RegisterClassExA
DrawEdge
GetPriorityClipboardFormat
InsertMenuItemA

shell32

ExtractIconA
SHGetNewLinkInfo

wininet

IsUrlCacheEntryExpiredA
FindNextUrlCacheContainerA
InternetLockRequestFile
FtpPutFileW
GetUrlCacheEntryInfoExA
InternetCanonicalizeUrlW
FtpRemoveDirectoryA
InternetSetCookieA

kernel32

LeaveCriticalSection
CreatePipe
CreateFileW
WriteProfileStringA
TerminateProcess
FreeEnvironmentStringsW
GetCurrentProcessId
GetTickCount
CompareStringW
DeleteCriticalSection
InterlockedIncrement
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsA
GetStringTypeA
SetHandleCount
GetEnvironmentStringsW
GetCurrentThreadId
GlobalDeleteAtom
HeapCreate
ExitProcess
TlsGetValue
GetFileAttributesExA
GetVolumeInformationA
TlsFree
TlsSetValue
VirtualAlloc
MoveFileExW
HeapFree
IsBadWritePtr
GetCurrentThread
UnhandledExceptionFilter
GetModuleHandleA
GetCommandLineW
ReadConsoleOutputCharacterW
OpenMutexA
GetSystemTimeAsFileTime
CreateDirectoryExA
GetStringTypeW
GetSystemTime
GetFileType
InitializeCriticalSection
GetCPInfo
GetTimeZoneInformation
SetFilePointer
LCMapStringW
QueryPerformanceCounter
LCMapStringA
InterlockedExchange
CloseHandle
InterlockedDecrement
LocalAlloc
GetVersion
VirtualFree
RtlFillMemory
GetModuleFileNameA
CompareStringA
ReadFile
RtlUnwind
GetLogicalDrives
MultiByteToWideChar
GetProcAddress
GetEnvironmentStrings
SetFileAttributesA
HeapDestroy
FlushFileBuffers
LocalFree
GetStdHandle
HeapAlloc
VirtualQuery
GetPrivateProfileIntA
GetCommandLineA
WideCharToMultiByte
GetStartupInfoA
LoadLibraryA
GetCompressedFileSizeW
EnterCriticalSection
lstrcatW
LockFile
SetEnvironmentVariableA
GetStartupInfoW
lstrcmpi
GetAtomNameA
TlsAlloc
GetCurrentProcess
GetLocalTime
GetLastError
HeapReAlloc
FindFirstFileW
CreateFileMappingW
CreateMutexA
SetStdHandle
SetLastError

comctl32

InitCommonControlsEx

gdi32

SetTextJustification
WidenPath
ColorCorrectPalette

comdlg32

ReplaceTextA

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68022e23d719ea58f6e6a58482e5c7d7

Headers

File Characteristics

Imports

user32

shell32

wininet

kernel32

comctl32

gdi32

comdlg32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 4KB - Virtual size: 18KB

.data Size: 354KB - Virtual size: 353KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 4KB - Virtual size: 18KB

.data
Size: 354KB - Virtual size: 353KB

.rsrc
Size: 5KB - Virtual size: 5KB