f7d9fdb5587a91c8ab0ac23209619391_JaffaCakes118

General

Target

f7d9fdb5587a91c8ab0ac23209619391_JaffaCakes118
Size

20KB
MD5

f7d9fdb5587a91c8ab0ac23209619391
SHA1

6657cacd38d47e8a6945fe7cb4757f4eb5a7c978
SHA256

b89c231f6dcf0b73adf3111ac77a41dd604b4c59fe2fc5ac4eb61f26bc23c443
SHA512

0a7c2687d67255194ffd22c833a86b93d0157b75b3955d3cda9140841ec3a79eba8fd2399dc23a96def8e1b8e9a9393912b9f6569b30bf9b439e1d955a17135d
SSDEEP

384:IKkBB78HJUwxq1y83vFoPJE8osGRi+UqzPNe+VvXJL8Wpa0TTCziUuF5HV4Xf+iD:xvpt01h/FoPJE8osGRi+UqzPNe+VvXJu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d9fdb5587a91c8ab0ac23209619391_JaffaCakes118

Files

f7d9fdb5587a91c8ab0ac23209619391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a41f42fbae919fa8f54e249424fe933

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_beginthread
atoi
_endthread
calloc
strncpy
rand
_strdup
strchr
strtok
realloc
fopen
malloc
fwrite
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
wcslen
??2@YAPAXI@Z
free
fclose
srand
_onexit

kernel32

GetLastError
WideCharToMultiByte
LocalFree
lstrcmpA
lstrcatA
CreateProcessA
CloseHandle
GetTickCount
lstrcpyA
GetLocaleInfoA
WinExec
lstrlenA
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
CopyFileA
GetShortPathNameA
SetErrorMode
CreateMutexA
WaitForSingleObject
ExitProcess
Sleep
DeleteFileA
TerminateThread

user32

wsprintfA
BlockInput
ShowWindow
FindWindowExA
SendMessageA

ws2_32

WSAStartup
send
closesocket
gethostbyname
htons
socket
connect
recv

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
VariantInit
SysAllocString

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a41f42fbae919fa8f54e249424fe933

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ws2_32

wininet

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 16KB