535a350289f99212a022315085e1b81e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

535a350289f99212a022315085e1b81e_JaffaCakes118
Size

451KB
MD5

535a350289f99212a022315085e1b81e
SHA1

898f1a65e8f32eefb5d9746ea46c24bbf2fea51b
SHA256

edb429bf8169586f130b160ae9d0d24f4966e8575422ed9ed18264ce175d20f7
SHA512

51dcb892fee019ee815d0f91be755e267e4fa291be2cc3b4755c63e4910b7a14205f45f4975e25839e12575bb756521d2950634b78671f2302f14aa4e3b73962
SSDEEP

6144:5s8Bt6cwS/KI7WzbC6Lmyyf9rXJoX5Q+QdfbQpB96pAxRSM9qz6XHoMWNRVgJ1:xLwSWzO6Rs9rjdf2BgpiRSUquIM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
535a350289f99212a022315085e1b81e_JaffaCakes118

Files

535a350289f99212a022315085e1b81e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da2c72036f8a534feccd67b2ceb378bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCompressedFileSizeA
GetLastError
SetVolumeLabelW
GetCurrentDirectoryA
GetCommandLineW
FlushInstructionCache
HeapAlloc
Sleep
LCMapStringW
HeapCreate
SetConsoleCtrlHandler
WideCharToMultiByte
FindFirstFileW
FlushFileBuffers
VirtualFree
IsValidLocale
TlsSetValue
GetEnvironmentStrings
GetEnvironmentStringsW
OpenFileMappingA
InterlockedIncrement
DeleteCriticalSection
GetFileType
EnterCriticalSection
HeapDestroy
GetModuleFileNameW
MultiByteToWideChar
GetDateFormatA
GetProcAddress
MoveFileA
GetCurrentThread
SetLastError
LockFileEx
CompareStringW
SetWaitableTimer
GetOEMCP
VirtualQuery
GetVersionExA
SetHandleCount
InitializeCriticalSection
GetLongPathNameW
GetStartupInfoA
LeaveCriticalSection
GetCommandLineA
HeapReAlloc
GetUserDefaultLCID
ExitProcess
GetCurrencyFormatA
EnumDateFormatsExW
VirtualAlloc
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcess
GetStringTypeA
GetModuleHandleA
FreeEnvironmentStringsW
GetStartupInfoW
GetStdHandle
GetCurrentThreadId
InterlockedDecrement
TlsFree
CompareStringA
FreeLibrary
GetCurrentProcessId
UnhandledExceptionFilter
GetStringTypeW
GetNumberFormatW
LCMapStringA
GetTickCount
GetLocaleInfoW
FindFirstFileExW
FreeEnvironmentStringsA
IsDebuggerPresent
HeapSize
RtlUnwind
EnumSystemLocalesA
GetSystemTimeAsFileTime
InterlockedExchange
GetTimeFormatA
GetACP
GetTimeZoneInformation
GetCPInfo
TlsGetValue
GetLocaleInfoA
GetProcessHeap
HeapFree
TerminateProcess
LoadLibraryA
GlobalGetAtomNameW
SetEnvironmentVariableA
WriteFile
GetConsoleTitleW
GetModuleFileNameA
IsValidCodePage
lstrcmpW
TlsAlloc

comdlg32

ChooseFontW
ChooseColorW
GetOpenFileNameA
ReplaceTextA

shell32

SHFileOperationA
SHFileOperation
SHEmptyRecycleBinW
SHGetNewLinkInfo

wininet

DeleteUrlCacheEntry
SetUrlCacheEntryGroup
HttpCheckDavCompliance
GopherCreateLocatorW
DeleteIE3Cache
HttpOpenRequestA
InternetOpenUrlA
InternetTimeToSystemTimeW
SetUrlCacheEntryGroupW
RetrieveUrlCacheEntryStreamA
InternetCreateUrlA
InternetAutodial
InternetCrackUrlA
HttpQueryInfoA
InternetCombineUrlW
HttpQueryInfoW
SetUrlCacheGroupAttributeW

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da2c72036f8a534feccd67b2ceb378bb

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

wininet

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 310KB - Virtual size: 309KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 310KB - Virtual size: 309KB

.rsrc
Size: 11KB - Virtual size: 10KB