5520355504f038a2ebf4f3a2b8c99847_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5520355504f038a2ebf4f3a2b8c99847_JaffaCakes118
Size

427KB
MD5

5520355504f038a2ebf4f3a2b8c99847
SHA1

fa5890ba4c60b92ed256a340b36eb4735c836d4e
SHA256

b445a26b3baff0404d9a6e60a41f1d930a91b3dec39acef598d72a6ff842a7b2
SHA512

577a318790346d539bf5e56bc33a4b80cc59fbda3478d1dbd804e4615ee5a94102193073e441adbca8d8f3568c97951b1301dc7473cd51b845c99d37e99da845
SSDEEP

6144:jP8iCGZ1CBJ9nIdpCMgU4ISIJUmfepuxwE5CtOWI+wNDj:oiHjeilHepPb0WIHh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5520355504f038a2ebf4f3a2b8c99847_JaffaCakes118

Files

5520355504f038a2ebf4f3a2b8c99847_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b0cde3fc7758ded6ed797b26aa60980

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetEnvironmentVariableW
LocalShrink
DeleteCriticalSection
TlsGetValue
GetCommandLineW
HeapAlloc
LoadLibraryA
GetFileType
MultiByteToWideChar
EnterCriticalSection
GetSystemDefaultLangID
GetCommandLineA
GetStdHandle
InterlockedExchange
GetTickCount
GetStartupInfoA
VirtualFree
WriteFile
FreeEnvironmentStringsA
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
IsBadWritePtr
GetThreadPriorityBoost
GetCurrentThreadId
TlsAlloc
UnhandledExceptionFilter
GetProcAddress
GetEnvironmentStrings
TlsSetValue
HeapFree
GetTimeFormatW
HeapDestroy
WriteConsoleA
HeapCreate
VirtualQuery
GetLastError
SetLastError
GetSystemTimeAsFileTime
GetStartupInfoW
GetCurrentProcessId
GetEnvironmentStringsW
TlsFree
HeapReAlloc
RtlUnwind
ExitProcess
GetCurrentThread
FreeEnvironmentStringsW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
GetVersion
GetModuleHandleA
SetHandleCount

comdlg32

GetFileTitleA
PageSetupDlgW
PrintDlgW
GetOpenFileNameA
ChooseFontA
PageSetupDlgA
LoadAlterBitmap
FindTextW
ReplaceTextA
ReplaceTextW
GetSaveFileNameW
ChooseColorW

wininet

FtpPutFileA
FindFirstUrlCacheGroup
HttpQueryInfoW
FtpSetCurrentDirectoryA
GetUrlCacheGroupAttributeA
DeleteUrlCacheEntryW
DeleteUrlCacheContainerW
InternetWriteFileExW
SetUrlCacheEntryGroupW
UnlockUrlCacheEntryStream
GopherCreateLocatorA
SetUrlCacheEntryGroup
InternetCrackUrlW
FreeUrlCacheSpaceA
InternetQueryDataAvailable
InternetFortezzaCommand
FtpPutFileEx

gdi32

CreateEllipticRgnIndirect
EndDoc
CreateDCW
GetPixel
SetWindowOrgEx
GetSystemPaletteEntries
GetOutlineTextMetricsA
GetWorldTransform
GetGlyphOutline
Chord
CloseEnhMetaFile
GetStockObject
GetGraphicsMode
GetTextFaceW
StartDocW
SelectClipRgn
IntersectClipRect
SetPaletteEntries

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b0cde3fc7758ded6ed797b26aa60980

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

gdi32

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 302KB - Virtual size: 301KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 302KB - Virtual size: 301KB

.rsrc
Size: 4KB - Virtual size: 4KB