5658582ff3fbb5b10654445c6a01ce35_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5658582ff3fbb5b10654445c6a01ce35_JaffaCakes118
Size

280KB
MD5

5658582ff3fbb5b10654445c6a01ce35
SHA1

ad064dbf04aff021b62908ba7bf7344a0428e47b
SHA256

e8b76d78830e0f48d4492d9155b889518d7631813f9c36d9bd84eca1e307b011
SHA512

bca74fd5534e6a25145986c459cc1814f7e24fc55f675fea40c33a2989e4457e13e6217967359fa16ce00bda2700b9d53d9dcd242e5c2b101c14928f3c83219a
SSDEEP

6144:AAvmI7vOMJ0HB0bD0YqCW+1Y6sZLyZv+dqJp2RK7:fvmI7vTr9sZm9+dq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5658582ff3fbb5b10654445c6a01ce35_JaffaCakes118

Files

5658582ff3fbb5b10654445c6a01ce35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c95a1d8378a4c4038b674a8c96d61711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
DuplicateHandle
GetVersionExA
GlobalAddAtomW
RtlUnwind
GetLocaleInfoW
GetVolumeInformationA
GetCurrentProcess
GetEnvironmentStrings
VirtualAlloc
HeapSize
GetTimeZoneInformation
HeapReAlloc
GetACP
GlobalSize
FreeEnvironmentStringsW
TerminateThread
HeapDestroy
GetModuleFileNameA
CompareStringA
GetLocaleInfoA
ExitProcess
EnterCriticalSection
GetLastError
WideCharToMultiByte
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetLogicalDriveStringsW
GetStringTypeA
QueryPerformanceCounter
SetHandleCount
IsValidLocale
GetProfileSectionW
IsValidCodePage
MultiByteToWideChar
GetConsoleCursorInfo
HeapAlloc
GetCommandLineA
HeapFree
GetVolumeInformationW
VirtualFree
GetCurrentProcessId
GetNumberFormatA
GetModuleFileNameW
VirtualProtect
LCMapStringW
GetStdHandle
TlsGetValue
EnumSystemLocalesA
GetOEMCP
CreateDirectoryExW
TlsFree
LCMapStringA
CreateProcessW
GetNamedPipeHandleStateA
UnhandledExceptionFilter
TlsSetValue
TlsAlloc
SetConsoleWindowInfo
SystemTimeToTzSpecificLocalTime
IsBadWritePtr
WriteFile
CloseHandle
GetDiskFreeSpaceExA
GetStartupInfoW
GetProcAddress
FreeEnvironmentStringsA
GetCPInfo
GetProfileStringW
GetUserDefaultLCID
InterlockedExchange
GetStringTypeW
SetLastError
GetCurrentThread
VirtualQuery
SetEnvironmentVariableA
LeaveCriticalSection
GetDateFormatA
HeapCreate
GetCurrentThreadId
GetSystemInfo
RtlZeroMemory
TerminateProcess
DeleteCriticalSection
GetTimeFormatA
GetCommandLineW
GetModuleHandleA
InitializeCriticalSection
GetFileType
GetStartupInfoA
VirtualAllocEx

shell32

CommandLineToArgvW
SHGetFileInfo
SHInvokePrinterCommandW
DragQueryPoint
SHGetNewLinkInfo
DragAcceptFiles
SHGetDesktopFolder
ShellAboutW
SHGetSpecialFolderLocation
ExtractAssociatedIconA
ExtractAssociatedIconExA

wininet

InternetGetConnectedState
DeleteUrlCacheContainerW
InternetSetOptionExW
InternetGetConnectedStateExW
RetrieveUrlCacheEntryFileA
DeleteUrlCacheEntryW
UnlockUrlCacheEntryFile
FtpPutFileA
FtpDeleteFileW
HttpCheckDavCompliance
FindNextUrlCacheGroup
CreateUrlCacheEntryA
InternetFindNextFileA
InternetOpenUrlW
FindFirstUrlCacheEntryExA
ReadUrlCacheEntryStream
GetUrlCacheConfigInfoW
HttpQueryInfoW
InternetReadFileExW
FtpGetFileEx
GetUrlCacheGroupAttributeA
InternetConfirmZoneCrossingW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c95a1d8378a4c4038b674a8c96d61711

Headers

File Characteristics

Imports

kernel32

shell32

wininet

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 137KB - Virtual size: 136KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 137KB - Virtual size: 136KB

.rsrc
Size: 4KB - Virtual size: 4KB