157056d2c7c35725fa08facb78ad5498_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

157056d2c7c35725fa08facb78ad5498_JaffaCakes118
Size

91KB
MD5

157056d2c7c35725fa08facb78ad5498
SHA1

7e2cbab3a0bb503bc51d12c085f0e215e4277b04
SHA256

28c8c79865e30176637976056eab4276881fa5370008942dd90add826ca212a3
SHA512

8d863df126610b7ddef4762b2bd97144323b9941631be655ed3070b4f2b84b116d1ec0ed923bac3a063486d2684c6325cafdf1967d5bc66e3e6af83bc2eccd25
SSDEEP

1536:vdFtrsnYnb6VJ9eQi8CwaGmfqAYn9WvUrstHt5:Fznb6VMj5fHuXrstHD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157056d2c7c35725fa08facb78ad5498_JaffaCakes118

Files

157056d2c7c35725fa08facb78ad5498_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14a042588d89bca5bb77947fdab91fb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntry

urlmon

URLDownloadToFileA

kernel32

ReadFile
DeleteFileA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
TerminateProcess
FreeLibrary
GetProcAddress
LoadLibraryExA
MultiByteToWideChar
CompareStringA
GetVersionExA
GetModuleFileNameA
GetSystemDirectoryA
WideCharToMultiByte
LoadLibraryA
WinExec
GetPrivateProfileIntA
GetPrivateProfileStringA
Sleep
GetLastError
CreateMutexA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
HeapSize
SetEndOfFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapDestroy
GetEnvironmentVariableA
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
LocalFree
HeapAlloc
HeapFree
RtlUnwind
GetFileAttributesA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

wsprintfA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
OleUninitialize
OleInitialize
CoUninitialize

oleaut32

VariantClear

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14a042588d89bca5bb77947fdab91fb4

Headers

File Characteristics

Imports

wininet

urlmon

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 86KB

.sxdata Size: 4KB - Virtual size: 124B

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 86KB

.sxdata
Size: 4KB - Virtual size: 124B