16afa80f602ba2a62f98d2be4696b145_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16afa80f602ba2a62f98d2be4696b145_JaffaCakes118
Size

88KB
MD5

16afa80f602ba2a62f98d2be4696b145
SHA1

790775aa00b975e3d0a87b9b423e70dba8dabb03
SHA256

c73c9a661448c20bfab1927f428729787962f15fad1cae1ed14b2e32875b3e38
SHA512

b2712e02f91a4eebfe4dea762d1fe4950afcb46a4346eca00b054a2dfef34cd8abf549214642fddf306b16548742e617c8d7121798b195624e656b29a33b8b31
SSDEEP

1536:oVA3HVQRYsiwKl6Bq0Kfb5YAXAPlamrEMzbG3jN:wGQ2zwKl6Bq0iONzbGT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16afa80f602ba2a62f98d2be4696b145_JaffaCakes118

Files

16afa80f602ba2a62f98d2be4696b145_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a084e24e48ac11079afa810693b7f8c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GlobalFree
GlobalAlloc
DeviceIoControl
GetCurrentProcess
LoadLibraryA
WriteConsoleW
lstrcmpA
GetStartupInfoA
GetModuleHandleA

user32

ValidateRect
PostMessageA
InvalidateRect
OpenClipboard
BeginPaint
GetWindowTextLengthA
DestroyMenu
GetSystemMetrics
MapWindowPoints
FrameRect
RegisterClassExA
ClientToScreen
SystemParametersInfoA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shlwapi

StrStrA
wnsprintfA
PathFindExtensionA
StrDupA
PathIsUNCA

ole32

CoRegisterSurrogate
CoRegisterClassObject
CoTaskMemFree
CoTaskMemAlloc
CoInitialize

ws2_32

gethostbyname
sendto
setsockopt
socket
htons
getsockname
getpeername
shutdown

wininet

InternetSetOptionExA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetWriteFile
InternetReadFile
HttpSendRequestA
InternetConnectA
HttpOpenRequestA
InternetCloseHandle
InternetCanonicalizeUrlA
InternetOpenA
InternetQueryDataAvailable
InternetOpenUrlA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strncmp
strlen
atoi
time
_strcmpi

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a084e24e48ac11079afa810693b7f8c3

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

shlwapi

ole32

ws2_32

wininet

msvcrt

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 323KB

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 323KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 1KB - Virtual size: 1KB