ec7993d4acb32c69caf89e5ab6021275_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec7993d4acb32c69caf89e5ab6021275_JaffaCakes118
Size

455KB
MD5

ec7993d4acb32c69caf89e5ab6021275
SHA1

d881b3fad7e48c054ab75199f1b5a7b7eb56fa3f
SHA256

3c9f10af601b1c32aff0cd7133a3a456a70cff90c557ac0582509c7a39c8ff1b
SHA512

b3b75844e0f94de71dba178b7e7effab69fbcd8e04d7dfcddf8b8834b1dd78a88ef6fd115cc9d483d22f5a8d1d39c7b29091e61b43bfd1d16be766dca506c462
SSDEEP

12288:6xowtkbJIioLUo9XK5F5tHEicsqBArjMMnMMMMMo6huqmo7u:WC2loBEmrjMMnMMMMMoK57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec7993d4acb32c69caf89e5ab6021275_JaffaCakes118

Files

ec7993d4acb32c69caf89e5ab6021275_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ddbe3d15bce5ff7e0ed587fd7f6174d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Enumerate_Classes

wininet

InternetCombineUrlA
InternetCrackUrlA

urlmon

CopyBindInfo
CoInternetGetSession
CoInternetParseUrl
UrlMkSetSessionOption

shlwapi

StrCatBuffW

user32

CallMsgFilterW
TranslateMessage
CharNextA
GetMessageA
wsprintfA
DispatchMessageA
RegisterWindowMessageA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

VirtualAlloc
ConnectNamedPipe

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegEnumValueA
RevertToSelf
RegCloseKey
ImpersonateLoggedOnUser
RegEnumKeyExA
RegDeleteValueA
OpenThreadToken
RegNotifyChangeKeyValue
RegOpenKeyExA

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ddbe3d15bce5ff7e0ed587fd7f6174d

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

wininet

urlmon

shlwapi

user32

version

kernel32

advapi32

Sections

.text Size: 74KB - Virtual size: 73KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 24B

.data Size: 43KB - Virtual size: 1.8MB

.rsrc Size: 168KB - Virtual size: 168KB

.rdata Size: 166KB - Virtual size: 166KB

.text
Size: 74KB - Virtual size: 73KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 24B

.data
Size: 43KB - Virtual size: 1.8MB

.rsrc
Size: 168KB - Virtual size: 168KB

.rdata
Size: 166KB - Virtual size: 166KB