56e263aaefb974b01219b234351e7d61_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56e263aaefb974b01219b234351e7d61_JaffaCakes118
Size

501KB
MD5

56e263aaefb974b01219b234351e7d61
SHA1

16640cb406d4d2f4791025a03c42ee3da7d26311
SHA256

1ab758fb2495e33d6f788c15c61daa5e0ef079b23f9c254bd5ad41ae1155772f
SHA512

8409ef5e592eb565e071c99e3040851ed32eb6ae50785282bdb0dec387d09ab4f13bd2d1aad36eee7da6dad882826632b13dcb8099f6a0efc64aea04b43df735
SSDEEP

6144:bcJObXZ+fd+DANZzfrqz4JRCFJJ0FXh+QxFQLuOinYmnakCqtOnSxkVDNPetqKd5:gRu0FxsmnaxOH8NAY/LBQIxJIDlvx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56e263aaefb974b01219b234351e7d61_JaffaCakes118

Files

56e263aaefb974b01219b234351e7d61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db035e5381a48028433550ca40ed6139

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\clejvmhhem\wstigz.pdb

Imports

kernel32

GetCurrentProcess
HeapSize
VirtualFree
LocalFileTimeToFileTime
LCMapStringW
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesA
lstrcmpW
InterlockedDecrement
GetCommandLineA
ExitProcess
FindFirstFileExA
GetLocaleInfoA
GetLocaleInfoW
GlobalLock
GetCPInfo
FlushFileBuffers
CreateMutexW
GetSystemDefaultLCID
ReadConsoleInputA
GetACP
GetTimeFormatA
ExpandEnvironmentStringsW
LockFile
GetCompressedFileSizeW
OpenFileMappingA
VirtualAlloc
UnhandledExceptionFilter
WideCharToMultiByte
DeleteCriticalSection
CompareStringA
LeaveCriticalSection
TlsAlloc
GetModuleHandleW
TlsFree
GetCurrentProcessId
GetOEMCP
FreeEnvironmentStringsW
AddAtomW
HeapDestroy
TlsSetValue
RtlUnwind
VirtualQuery
CreateFileA
InterlockedIncrement
LockFileEx
GetConsoleCP
MultiByteToWideChar
IsValidLocale
CompareStringW
HeapCreate
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
EnumCalendarInfoW
CreateWaitableTimerW
FindNextChangeNotification
SetLocaleInfoA
FreeLibrary
GetTickCount
SetFilePointer
GetLastError
GetStartupInfoA
CreateMutexA
GetConsoleOutputCP
SetStdHandle
GetConsoleMode
SetHandleCount
GetSystemTimeAsFileTime
IsDebuggerPresent
GetEnvironmentStrings
GetModuleFileNameA
GetStringTypeW
GetEnvironmentStringsW
HeapAlloc
SetLastError
ReadFile
GetModuleHandleA
GetFileType
GetStringTypeA
FreeEnvironmentStringsA
HeapFree
GetCurrentThreadId
WriteConsoleW
VirtualProtect
WriteFile
QueryPerformanceCounter
SetEnvironmentVariableA
LCMapStringA
EnterCriticalSection
GetSystemTime
GetCurrentThread
IsValidCodePage
OpenMutexA
GetProcAddress
LoadLibraryA
Sleep
TlsGetValue
HeapReAlloc
OpenMutexW
GetUserDefaultLCID
TerminateProcess
WriteConsoleA
CloseHandle
GetStdHandle
InterlockedExchange
GetTimeZoneInformation
GetDateFormatA

comctl32

InitCommonControlsEx

wininet

HttpEndRequestA
FtpRemoveDirectoryW
InternetOpenA
RegisterUrlCacheNotification
FindNextUrlCacheEntryW
UpdateUrlCacheContentPath
InternetAttemptConnect
InternetFindNextFileW
InternetShowSecurityInfoByURLW

user32

RegisterClassA
SetWindowTextA
RegisterClassExA
SetRectEmpty
IsCharLowerA
WaitMessage
FindWindowW
SetCursor
UnregisterClassW
GetMenuInfo
CopyIcon
GetWindowDC

shell32

SheGetDirA
SHFileOperationA
SHQueryRecycleBinA
FindExecutableW
SHGetDataFromIDListW

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db035e5381a48028433550ca40ed6139

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

wininet

user32

shell32

Sections

.text Size: 350KB - Virtual size: 350KB

.rdata Size: 32KB - Virtual size: 45KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 350KB - Virtual size: 350KB

.rdata
Size: 32KB - Virtual size: 45KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 11KB - Virtual size: 11KB