1a1e9aff45e34855effea34583cb2a0d_JaffaCakes118

General

Target

1a1e9aff45e34855effea34583cb2a0d_JaffaCakes118
Size

156KB
MD5

1a1e9aff45e34855effea34583cb2a0d
SHA1

a962724bc9e4e45de87341038d885479b3ac59ec
SHA256

2b61e113367b72c508a15715a64244cb3e5fc49655ac3b0112080115623199a8
SHA512

6d5c2436e619ea518db9bb6a32215c998a3b0b200fa5a1cd275c746d1fbe82cefd37162f241db954894e0520361bfce4f3a6f9755162c30676ccceb480700227
SSDEEP

3072:ECZhQ0I37BshHiyv/xtuuPDUQCKQXjhxnPz0PbCqjMwEYyD:EMhYShB/CuP/k3nbczLEYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a1e9aff45e34855effea34583cb2a0d_JaffaCakes118

Files

1a1e9aff45e34855effea34583cb2a0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12bab79536d4abbb869293fe367313bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
GetFileTitleA

wininet

InternetCloseHandle
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetStatusCallback
HttpQueryInfoA
InternetQueryDataAvailable
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenUrlA
InternetOpenA

kernel32

GetModuleFileNameA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
WriteFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12bab79536d4abbb869293fe367313bd

Headers

File Characteristics

Imports

comdlg32

wininet

kernel32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 80KB - Virtual size: 103KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 80KB - Virtual size: 103KB

.rsrc
Size: 4KB - Virtual size: 3KB