fb5bb2cb0f1e8bf0ece9a98955ed38e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb5bb2cb0f1e8bf0ece9a98955ed38e4_JaffaCakes118
Size

24KB
MD5

fb5bb2cb0f1e8bf0ece9a98955ed38e4
SHA1

6109604a044faec1611d0a22baa893915fffa6c4
SHA256

3e4dd73e002cddfc4ce1cb7da14cc2f0ae4815f4ab2b3678e32fec20fafb7963
SHA512

9da46d75cb09be3d691d5cc037ed7a835d3dc7f433fc43dd8b423c8474604371724a87a05da7e6f9b5d14eed163a20665802aa010a18cc997e86dddb531d0873
SSDEEP

768:NRJazACGqy4l1JgD+gTW5Iwzv7BbQ1H9Qwh:/JazxG34lIIzdQ1Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5bb2cb0f1e8bf0ece9a98955ed38e4_JaffaCakes118

Files

fb5bb2cb0f1e8bf0ece9a98955ed38e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fe6814ff8dd00250d46918cdd188121

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrNCatA
StrToIntA
wvnsprintfA
wnsprintfA
StrStrA
StrRChrA
StrCmpNA
StrChrA
StrStrIA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState

ws2_32

inet_ntoa
htonl
ntohl
closesocket
select
connect
ioctlsocket
htons
socket
inet_addr
recv
send
gethostbyname
getsockname
WSACleanup
WSAStartup

mpr

WNetAddConnection2A

kernel32

lstrcpyA
WaitForSingleObject
MoveFileExA
GetShortPathNameA
GetWindowsDirectoryA
SetFilePointer
TerminateThread
CreateMutexA
SetUnhandledExceptionFilter
SetErrorMode
CopyFileA
DeleteFileA
GetVersionExA
GetModuleFileNameA
ExitProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
Module32First
OpenProcess
TerminateProcess
GetCurrentProcess
lstrcmpiA
ReadFile
WriteFile
GetSystemDirectoryA
lstrcmpA
lstrcpynA
lstrlenA
ExitThread
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
FormatMessageA
CloseHandle
CreateFileA
CreateProcessA
CreateEventA

user32

wsprintfA

advapi32

RegSetValueExA
LookupPrivilegeValueA
RegOpenKeyExA
RegCreateKeyA
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6fe6814ff8dd00250d46918cdd188121

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wininet

ws2_32

mpr

kernel32

user32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 253KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 253KB