199d99a801e85e8f67b193793a3c4477_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

199d99a801e85e8f67b193793a3c4477_JaffaCakes118
Size

38KB
MD5

199d99a801e85e8f67b193793a3c4477
SHA1

4db2b9edc9b4ca364ffd9dbeb1dba2c4792aa900
SHA256

eb8b4997d1e3de37f26b9878e1f3a7a249401e9ebb33d52e443d4069243ccdc5
SHA512

843aa9158cafed65318ca96f661e23bcc6e79ce5bce6ab92884f181f2b28e36c728b90811d67e60acb296b4cb990a5d4aa3d8dbacf80161231f144e20c362c8c
SSDEEP

768:WXaTMWl3Na7Sk0UhRtbeQVfvrhbanF0Ry6/5EPAhP:WTWlUdRtbDVfwnM//5EPAB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
199d99a801e85e8f67b193793a3c4477_JaffaCakes118

Files

199d99a801e85e8f67b193793a3c4477_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e105961616398f5a59ba091b87f1fcc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateSemaphoreA
DeleteFileA
ExitProcess
FindAtomA
GetAtomNameA
GetLastError
GetStdHandle
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetConsoleTextAttribute
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

msvcrt

_filelength
_kbhit
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_filelength
_iob
_itoa
_onexit
_setmode
_stat64
abort
atexit
atof
atoi
clock
fclose
fgetc
fopen
fputc
fread
free
ftell
localtime
malloc
memcpy
memset
printf
signal
strcat
strchr
strcmp
strcpy
strftime
strlen
strncpy
strstr
system
time
tolower
vsprintf

user32

GetForegroundWindow
ShowWindow

wininet

HttpEndRequestA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetGetLastResponseInfoA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetSetOptionA

ws2_32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
inet_addr
recv
select
send
socket

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e105961616398f5a59ba091b87f1fcc6

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

wininet

ws2_32

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 108B

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 2KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 108B

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 2KB