193ac1c5daf9e1937e893d8660b2aacb_JaffaCakes118

General

Target

193ac1c5daf9e1937e893d8660b2aacb_JaffaCakes118
Size

19KB
MD5

193ac1c5daf9e1937e893d8660b2aacb
SHA1

a450cc15f64eb7a3defcaab16f859d5288471114
SHA256

32c2cc18ff1214e28dbf21085417ea16b407586b569e14007f4f547cbaf7de38
SHA512

66b49547b472fb587339ac7bb58f0f290865daf60fc9d8a5bf814444f2036e279edf50a3873e3361f1d88d7539733d09c4999e78430cbf43c601cf0252f23092
SSDEEP

384:FnU3oCSYS7o5iYwzWrS/G2dFKhyIKcerAEG3IZu18jHG7A6RtSc:FU3ob7o8Ywau/G2dMhymerrRZu2DG7Lb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193ac1c5daf9e1937e893d8660b2aacb_JaffaCakes118

Files

193ac1c5daf9e1937e893d8660b2aacb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

26497d27984f9d13e4bdeb31be5e9527

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetProcAddress
GlobalFree
GetTempFileNameA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTempPathA
lstrcpyA
lstrcatA
MulDiv
RtlUnwind
CreateEventA
GlobalAlloc
WriteFile
GetProcessHeap
GetTickCount
HeapFree
HeapAlloc
ReadFile
lstrlenA
lstrcpynA
SetFilePointer
lstrcmpA
HeapReAlloc
CreateFileA
InterlockedExchange
GetLastError
GetFileAttributesW
VirtualQuery

user32

SetDlgItemTextA
CallWindowProcA
EnableWindow
SetWindowTextA
IsWindowVisible
DestroyWindow
GetWindowRect
GetFocus
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
GetDC
EndPaint
UpdateWindow
CharLowerBuffA
SetWindowLongA
MessageBoxA
GetWindowLongA
GetDlgItem
ShowWindow
CreateWindowExW

advapi32

RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumValueA

wininet

InternetSetFilePointer
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
FindCloseUrlCache
InternetOpenA
InternetCloseHandle

gdi32

RestoreDC

version

GetFileVersionInfoSizeA

Exports

Exports

a
b
c

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26497d27984f9d13e4bdeb31be5e9527

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

gdi32

version

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB