082b0c112f88823989e6279e99fbcb43_JaffaCakes118

General

Target

082b0c112f88823989e6279e99fbcb43_JaffaCakes118
Size

10KB
MD5

082b0c112f88823989e6279e99fbcb43
SHA1

a92e4d98cda2848056e825af023f1a5ded04e417
SHA256

e44352a0c612b50fd922913f0e636723773f026a7227acb0951f3a2a2b31aaeb
SHA512

97b2c605182a883b61dc58311593343f0b0ae363ee6a8fc0a04866dba630cb1178d7ad9d0775fd2c51a7891a5977318702b7cd82ea8f76e86aeb07e435d9a596
SSDEEP

192:9Hx2/G/HBp1LE2fIdqv1eJHE2KUTzg1idlj13+CJC1c5h3xYc1:xEeHi2Gqv1eJHkUTzg1gl+CJC1c5h3CS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082b0c112f88823989e6279e99fbcb43_JaffaCakes118

Files

082b0c112f88823989e6279e99fbcb43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f808aa3d66fd6488bb220a011b39bf2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
EnumWindows
ShowWindow
SendMessageA
MoveWindow
GetWindowThreadProcessId
wsprintfA
IsWindowVisible
GetWindowTextA

kernel32

FindClose
FindFirstFileA
GetLocaleInfoA
GetModuleFileNameA
GetProcessHeap
GetShortPathNameA
GetSystemTime
GetTempPathA
GetVersion
GetVersionExA
ExitProcess
HeapAlloc
HeapFree
Sleep
SystemTimeToFileTime
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
DeleteFileA
CreateProcessA
CreateFileA
CloseHandle
TerminateProcess
OpenProcess
GetWindowsDirectoryA
CreateMutexA
GetEnvironmentVariableA
lstrcmpiA
GetLastError
GetCommandLineA

shell32

ShellExecuteA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA
RegDeleteValueA

rasapi32

RasHangUpA
RasEnumConnectionsA

wininet

InternetOpenA
InternetQueryDataAvailable
InternetReadFile
InternetConnectA
InternetCloseHandle
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5f808aa3d66fd6488bb220a011b39bf2

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

rasapi32

wininet

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 32KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 32KB