f07048eef266f847fa913bd1757fe854_JaffaCakes118

General

Target

f07048eef266f847fa913bd1757fe854_JaffaCakes118
Size

66KB
MD5

f07048eef266f847fa913bd1757fe854
SHA1

be0eae6397484bed4bf33bd3ef5024dc1ab0ad02
SHA256

4185dc6ac9deee706c2ddd5269d43be7dc540990c816064240f55d1b80f24ec7
SHA512

eed113f59e7a4f1368d38add809620d60659d2787929a30f6ac92c2e10adca696239500f8e4a3789d5505b64583515e12437db3312adf015d1ff464d00c152ac
SSDEEP

768:850neAfTLbzraHOFI4Aa7KNdQ5AUK7q5f50neAfTLbx50neAfTLbzraHOFI+On3a:8tETzraeAwqdQ5Af7qdtETxtETzraRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f07048eef266f847fa913bd1757fe854_JaffaCakes118

Files

f07048eef266f847fa913bd1757fe854_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f92959779bb9e3d1566a6148946f1e75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeviceIoControl
CreateFileA
GetVolumeInformationA
ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
IsBadWritePtr
GetComputerNameA
WriteFile
lstrlenA
GetCurrentProcessId
GetSystemDirectoryA
GetTickCount
GetVersionExA
Sleep
GetTempPathA
CreateProcessA

user32

wsprintfA
GetWindow
GetDlgItem

shell32

ShellExecuteExA
SHChangeNotify
SHGetSpecialFolderPathA

msvcrt

_strdup
strncpy
sprintf
atol
_except_handler3
atoi
rand
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
strstr
srand
time
strncat

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xlen@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

shlwapi

PathGetDriveNumberA

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 62KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f92959779bb9e3d1566a6148946f1e75

Headers

File Characteristics

Imports

kernel32

user32

shell32

msvcrt

msvcp60

shlwapi

wininet

Sections

.text Size: 62KB - Virtual size: 65KB

.rdata Size: 2KB - Virtual size: 2KB

.text
Size: 62KB - Virtual size: 65KB

.rdata
Size: 2KB - Virtual size: 2KB