Static task
static1
Behavioral task
behavioral1
Sample
531befe80ead025b5e491c876367d00a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
531befe80ead025b5e491c876367d00a_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
531befe80ead025b5e491c876367d00a_JaffaCakes118
Size
239KB
MD5
531befe80ead025b5e491c876367d00a
SHA1
17764c8dff76a35abd23335639137e289bd073ce
SHA256
5197df8f356cbea4b31b2cc9d4140eec66880ffa9c14107c11c0793bbac7189d
SHA512
27f9cddaaaa2ac5fe0e006bad8e7acc64f5be2fcf1e850b670ae7949fc548048016d1f0ffa385892a52d9739f1f238fc8b69c3f15d0b4d4a4ff48d13d5e728fc
SSDEEP
6144:7kse1T1HjaMu9CEPGImtXvIWmVzYZpyIuQySJekfPIaGRDxNdA:a1DjWPFC2VqFuk69xNS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 531befe80ead025b5e491c876367d00a_JaffaCakes118
Files
531befe80ead025b5e491c876367d00a_JaffaCakes118.exe windows:4 windows x86 arch:x86
fb989b03312cf682ca60a1cdc8f4782e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
UnlockUrlCacheEntryStream
InternetWriteFile
GopherGetAttributeA
CreateUrlCacheContainerW
IsUrlCacheEntryExpiredW
DeleteIE3Cache
FindFirstUrlCacheEntryExW
FindFirstUrlCacheEntryW
DeleteUrlCacheContainerW
SetUrlCacheEntryInfoA
InternetReadFileExA
shell32
SHGetFileInfoW
DoEnvironmentSubstA
SHGetSpecialFolderPathW
SHGetDataFromIDListW
DoEnvironmentSubstW
SHGetDataFromIDListA
SheChangeDirA
SHBrowseForFolderA
SHGetDiskFreeSpaceA
gdi32
GetBkColor
EnableEUDC
GetCharABCWidthsW
CreateEnhMetaFileA
OffsetWindowOrgEx
SetSystemPaletteUse
SetEnhMetaFileBits
CreateRectRgnIndirect
advapi32
CryptVerifySignatureW
CryptDestroyKey
LookupPrivilegeValueW
RegQueryValueExW
LookupPrivilegeNameW
InitializeSecurityDescriptor
LogonUserA
AbortSystemShutdownA
CreateServiceW
RegDeleteValueW
LookupAccountNameA
ReportEventA
CryptSetProvParam
LookupPrivilegeDisplayNameW
CryptVerifySignatureA
CryptGetDefaultProviderW
CryptDuplicateKey
CryptEnumProvidersW
GetUserNameW
DuplicateToken
DuplicateTokenEx
LookupPrivilegeNameA
CryptAcquireContextA
RegCloseKey
kernel32
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
DeleteCriticalSection
GetStdHandle
HeapAlloc
ExitProcess
GetFileType
LoadLibraryA
GetTickCount
InterlockedExchange
RtlUnwind
IsBadWritePtr
InitializeCriticalSection
FreeEnvironmentStringsW
GetVersion
WriteFile
GetCommandLineA
GetStartupInfoW
GetCurrentProcess
GetStartupInfoA
GetCurrentProcessId
GetCommandLineW
TlsGetValue
TlsFree
GetProcAddress
MultiByteToWideChar
GetCurrentThread
UnhandledExceptionFilter
GetModuleFileNameA
TlsSetValue
SetLastError
EnterCriticalSection
VirtualAlloc
LeaveCriticalSection
GetEnvironmentStringsW
GetCurrentThreadId
TlsAlloc
HeapFree
HeapDestroy
GetWindowsDirectoryW
HeapReAlloc
GetLastError
TerminateProcess
FreeEnvironmentStringsA
VirtualFree
GetEnvironmentStrings
SetHandleCount
GetModuleFileNameW
GetModuleHandleA
VirtualQuery
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ