028ebc5fa838cbce0b80cda27074c3c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

028ebc5fa838cbce0b80cda27074c3c3_JaffaCakes118
Size

57KB
MD5

028ebc5fa838cbce0b80cda27074c3c3
SHA1

0de8097233b2b587c52bfd7a0d6f272a6d77890e
SHA256

9cd0001ce6dd18aa42a5dbea8b579d1c33495aa53b61d6c52a655669303cb28f
SHA512

2b87ade6dd19cea2d1c70f3662a9dcee89bce7dd1b116a6135b0e53a50bbe3a30895335d4b0f4daa7a2d32cc23a59e317c762944155aaf05c3e01a9f068a5c96
SSDEEP

768:kQSc8/cnQJlA5PO6Whl6i/Lkk6OEDxAnQahoICS4AIr6pcpuGWVe:j94mxSQMkryiICS4AAuBVe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028ebc5fa838cbce0b80cda27074c3c3_JaffaCakes118

Files

028ebc5fa838cbce0b80cda27074c3c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

74c3d2f85fe79431444722b721706969

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrlenA
MoveFileExA
lstrcatA
GetEnvironmentVariableA
CopyFileA
lstrcpyA
GlobalLock
GlobalUnlock
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
HeapAlloc
RaiseException
Sleep
HeapSize
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
CreateProcessA
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
LoadLibraryW
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
MultiByteToWideChar
GetStringTypeW
IsProcessorFeaturePresent
WriteFile
GetFileSize
GetFileType
CreateFileA

user32

CloseClipboard
EnumClipboardFormats
GetClipboardData
OpenClipboard

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

wininet

InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74c3d2f85fe79431444722b721706969

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 176B