073fc523c75f0486058e19e9d269b3d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

073fc523c75f0486058e19e9d269b3d9_JaffaCakes118
Size

805KB
MD5

073fc523c75f0486058e19e9d269b3d9
SHA1

030ba03dd0634fcb1bc816a5435731d5e8b2a6ab
SHA256

0dd843a1b1e201bb9a82ac91015813281bf4c6307717759234af16bedff6b3d9
SHA512

2450896fd288d701b251cdcd442074d00429dce04e1938bbd853524841e341decafadec80f2181ebca2b2be378676452950dc4ad44a23772fe1fe05e7e0b99be
SSDEEP

12288:qtOIo5LSt00ioafier2uWKyOuBM30BYjzCU70hQzuLinY3LTEZhm3tBS/v/O:gPW+t5ioa6eCckTkzCa0hPrB3Pav/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073fc523c75f0486058e19e9d269b3d9_JaffaCakes118

Files

073fc523c75f0486058e19e9d269b3d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e173951cb0b9c773102d86be1ccc5885

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpynA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
VirtualFree
GetModuleFileNameA
ExitProcess

user32

ClientToScreen

advapi32

OpenServiceA

oleaut32

SafeArrayGetLBound

mpr

WNetGetUserA

version

VerQueryValueA

gdi32

SetBrushOrgEx

comctl32

ImageList_DragEnter

shell32

ShellExecuteA

wininet

InternetReadFile

wsock32

WSACleanup

ws2_32

closesocket

urlmon

URLDownloadToFileA

Sections

CODE
Size: - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ssmss00
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ssmss01
Size: - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.ssmss02
Size: 798KB - Virtual size: 797KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e173951cb0b9c773102d86be1ccc5885

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

mpr

version

gdi32

comctl32

shell32

wininet

wsock32

ws2_32

urlmon

Sections

CODE Size: - Virtual size: 433KB

DATA Size: - Virtual size: 6KB

BSS Size: - Virtual size: 4KB

.idata Size: - Virtual size: 10KB

.tls Size: - Virtual size: 20B

.rdata Size: - Virtual size: 24B

.ssmss00 Size: - Virtual size: 33KB

.rsrc Size: 5KB - Virtual size: 29KB

.ssmss01 Size: - Virtual size: 548KB

.ssmss02 Size: 798KB - Virtual size: 797KB

.reloc Size: 512B - Virtual size: 324B

CODE
Size: - Virtual size: 433KB

DATA
Size: - Virtual size: 6KB

BSS
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 10KB

.tls
Size: - Virtual size: 20B

.rdata
Size: - Virtual size: 24B

.ssmss00
Size: - Virtual size: 33KB

.rsrc
Size: 5KB - Virtual size: 29KB

.ssmss01
Size: - Virtual size: 548KB

.ssmss02
Size: 798KB - Virtual size: 797KB

.reloc
Size: 512B - Virtual size: 324B