Static task
static1
Behavioral task
behavioral1
Sample
19ebec51eae879c97cea3c4e4c1a16d1_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
19ebec51eae879c97cea3c4e4c1a16d1_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
19ebec51eae879c97cea3c4e4c1a16d1_JaffaCakes118
Size
136KB
MD5
19ebec51eae879c97cea3c4e4c1a16d1
SHA1
2ae0469f9f44b3698b8006331dd7394f06342858
SHA256
fe5276b43bab0ab63d1119f9f36a093f16d630487d5383b1dccaa714ff93d81f
SHA512
e42610d2b3744649e83c85a58476ebca7eda5d3f74843d6c5352cbdcb7c18d31431b46f13821a967a2ea76d4cc413fe3327da809a05fbc336e5794e7cfe06c6b
SSDEEP
3072:49lVrOUHhoZacnS83BRa16yOv2MxErJZCMqs6Anp3pW2Z1:GwUHmZacSGa16Xv2oESMZ3Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 19ebec51eae879c97cea3c4e4c1a16d1_JaffaCakes118
Files
19ebec51eae879c97cea3c4e4c1a16d1_JaffaCakes118.exe windows:4 windows x86 arch:x86
49664ec93aeb3d47cf8eb155f72e28c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetCloseHandle
InternetOpenA
InternetReadFile
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
kernel32
DeleteFileA
lstrcmpiA
GetTickCount
lstrcatA
GetPrivateProfileSectionNamesA
OutputDebugStringA
MoveFileA
lstrcmpA
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
SetEvent
EnterCriticalSection
WaitForSingleObject
GetLastError
Sleep
CloseHandle
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteCriticalSection
GetFileSize
GetLocalTime
WriteFile
SetFilePointer
SetFileAttributesA
ReadFile
CreateDirectoryA
CopyFileA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetCurrentProcessId
lstrcpynA
GetWindowsDirectoryA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetModuleHandleA
GetFileAttributesA
SetPriorityClass
SetThreadPriority
DuplicateHandle
GetCurrentThread
GetCurrentProcess
GetCommandLineA
GetSystemTimeAsFileTime
CompareStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetStdHandle
OpenProcess
SystemTimeToFileTime
FileTimeToSystemTime
WritePrivateProfileSectionA
GetSystemDirectoryA
GetExitCodeProcess
CreateProcessA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetACP
GetOEMCP
GetUserDefaultLangID
GetShortPathNameA
MoveFileExA
GetFullPathNameA
CreateMutexA
ReleaseMutex
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
SetFileTime
lstrcpyA
DosDateTimeToFileTime
CreateFileMappingA
GetSystemInfo
GlobalMemoryStatus
lstrlenA
GetFileTime
LocalFileTimeToFileTime
GetStartupInfoA
user32
GetDC
GetMessageA
DispatchMessageA
CreateWindowExA
wsprintfA
MessageBoxA
PostMessageA
IsWindow
ReleaseDC
GetSystemMetrics
ExitWindowsEx
CharLowerA
SendMessageA
DefWindowProcA
PostQuitMessage
RegisterClassA
TranslateMessage
gdi32
GetDeviceCaps
advapi32
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
GetUserNameA
shell32
FindExecutableA
ShellExecuteExA
ole32
CoCreateGuid
CoInitialize
CoUninitialize
wsock32
WSACleanup
gethostname
gethostbyname
ntohl
WSAStartup
msvcrt
__set_app_type
__p__fmode
malloc
_acmdln
__p___argv
_beginthreadex
sprintf
_except_handler3
strrchr
sscanf
strtok
memcpy
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
memset
strcmp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_ftol
exit
_XcptFilter
_exit
_onexit
__dllonexit
strncmp
free
__p___argc
atoi
__p__commode
strchr
_controlfp
Sections
.text Size: 100KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ