eaff7150de3950ea9bed01d9cc60d70c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eaff7150de3950ea9bed01d9cc60d70c_JaffaCakes118
Size

134KB
MD5

eaff7150de3950ea9bed01d9cc60d70c
SHA1

cff98a36b20d08eaae40a8a1c0392b9dd5156283
SHA256

7dfb9ff25ecbd10f62aa76e3d1b3d2a22f4af2eee1f931a70719b3b2623c75b3
SHA512

d0edfafe09f5c021a07919390dc0524109b14c8d425fef6d6742d2938f91b81c9e12030aa1f98de0f5a4c481cb1dac2cfcf3b0100117a92e152b3873076f27dc
SSDEEP

3072:vGoZjboPF4a+M1FPsbD+tB/rrrCzWRy994GmNd:vGoZ6yaRPskNr3HRo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaff7150de3950ea9bed01d9cc60d70c_JaffaCakes118

Files

eaff7150de3950ea9bed01d9cc60d70c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c29cf1683705dd1c80e5c3efdb9fe20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetDateFormatA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
GetTimeFormatA
HeapAlloc
InterlockedIncrement
RtlUnwind
SetLastError
SleepEx

advapi32

RegCloseKey
RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA

wininet

InternetWriteFile
InternetSetStatusCallbackA
InternetSetOptionExA
InternetSetFilePointer
InternetQueryDataAvailable
InternetOpenA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA

user32

LoadImageA
wsprintfA
GetWindowTextA
FillRect
DestroyWindow
MessageBoxA

shell32

ShellExecuteExA
ShellExecuteW
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHBindToParent

shlwapi

PathIsDirectoryA
PathQuoteSpacesA
StrChrA
PathIsRelativeA
StrStrIA
PathFindFileNameA
PathFindExtensionA
PathCompactPathExA
PathFileExistsA

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext

msvcrt

malloc
__dllonexit
memcpy
memmove
sprintf
sscanf
_errno
free
strstr

Sections

.text
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c29cf1683705dd1c80e5c3efdb9fe20

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

shell32

shlwapi

imm32

msvcrt

Sections

.text Size: 73KB - Virtual size: 76KB

.rdata Size: 23KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 30KB - Virtual size: 32KB

.text
Size: 73KB - Virtual size: 76KB

.rdata
Size: 23KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 30KB - Virtual size: 32KB