183cb282b1c5de3efb323229e15a0b90_JaffaCakes118

General

Target

183cb282b1c5de3efb323229e15a0b90_JaffaCakes118
Size

136KB
MD5

183cb282b1c5de3efb323229e15a0b90
SHA1

1a9b63942674579aba5511c64c07ae0ccf7b0927
SHA256

0568bf42e2cf4ef7910f360ad3eb019a96b895cc85d33d8846586462a8ec85a6
SHA512

a15f4ec18e923ba2c9788a0cf77e327145b4e6afeb69aa56b7683fbe04e316f3353a2cfdd40f303e8e50acf2cce9898557a0f8fd59bce695b6be779a20f9694a
SSDEEP

1536:k+RZB7k15PweASEHztIxkjmZn5R99dfmZXqWduNFccfCEjrNxqJhiD/90pIbcV4:k+RZBeeSEfe+icNYcG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
183cb282b1c5de3efb323229e15a0b90_JaffaCakes118

Files

183cb282b1c5de3efb323229e15a0b90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ceeed49742273de12224fe3a9f0834

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
DeleteFileA
CloseHandle
GetDiskFreeSpaceExA
GetFileSize
CreateFileA
WriteFile
WaitForSingleObject
CreateProcessA
GetStartupInfoA
GetEnvironmentVariableA
LCMapStringA
GetLogicalDriveStringsA
lstrcpyn
GetCommandLineA
GetModuleHandleA
ReadFile
SetProcessWorkingSetSize

urlmon

URLDownloadToFileA

user32

GetCursorPos
wsprintfA
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassExA
DefWindowProcA
RegisterWindowMessageA
PostQuitMessage
SetWindowPos
FindWindowA
CallWindowProcA
CreateWindowExA
SetWindowLongA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
SetTimer

shell32

Shell_NotifyIconA

winmm

timeSetEvent
timeKillEvent

iphlpapi

GetIfTable

ntdll

NtQuerySystemInformation
RtlAdjustPrivilege

msvcrt

modf
strncpy
_ftol
floor
strtod
sprintf
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z
free
malloc
memmove

advapi32

RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98ceeed49742273de12224fe3a9f0834

Headers

File Characteristics

Imports

kernel32

urlmon

user32

shell32

winmm

iphlpapi

ntdll

msvcrt

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 48KB

.rsrc Size: 100KB - Virtual size: 98KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 48KB

.rsrc
Size: 100KB - Virtual size: 98KB