7554f37d7bd44e824bfd5d6ea3382167_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7554f37d7bd44e824bfd5d6ea3382167_JaffaCakes118
Size

136KB
MD5

7554f37d7bd44e824bfd5d6ea3382167
SHA1

67f09230c8743ebb53db6b8e3dcedc6cc7a04670
SHA256

de7a884b3fb0cde2f60bfc12a6dc8a7a887fa9bcbfa236bee5ffe9d39f1545b4
SHA512

59a0a7d44b5fb34748f5fa6c49e6e850362df59c403eeefd5debfb4399c206d04e622f6fca11aab043de90fa93de965844402fe1e11ea5b4e7edd8f8c8a40260
SSDEEP

1536:8Zjtb9dV6PbAuzLmWe3fXQCAcWWxgCO8DT4cAPoCDri5wrpL4/x6MZ5lVRSLcc4v:cJbjY8KLSEcMACDrzrpL20e5l2HC5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7554f37d7bd44e824bfd5d6ea3382167_JaffaCakes118

Files

7554f37d7bd44e824bfd5d6ea3382167_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96197fcffabcdc7bccebae215fd67a89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA

wininet

HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA
InternetQueryOptionA
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCrackUrlA
InternetSetOptionA

iphlpapi

GetAdaptersAddresses

psapi

GetProcessImageFileNameA
EnumProcesses

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
HeapFree
GetProcessHeap
GetVersion
Sleep
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
GetTempFileNameA
GetWindowsDirectoryA
GetVolumeInformationA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualAllocEx
OpenProcess
ExitProcess
TerminateProcess
CreateThread
GetProcessId
GetLastError
WriteProcessMemory
GetThreadContext
RtlUnwind
ResumeThread
GetFileSize
WriteFile
ReadFile
CloseHandle
GetSystemInfo
lstrcmpiA
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
CreateProcessA
GetEnvironmentVariableA
CreateFileA
DeleteFileA
GetComputerNameA
IsDebuggerPresent
VirtualFreeEx
SetThreadContext

user32

wsprintfA

advapi32

RegSetValueExA
RegCloseKey
LookupAccountSidA
GetTokenInformation
OpenProcessToken
RegOpenKeyExA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96197fcffabcdc7bccebae215fd67a89

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wininet

iphlpapi

psapi

kernel32

user32

advapi32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 740B

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 740B