212e7d659ce52722b10465b30d5adb2f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

212e7d659ce52722b10465b30d5adb2f_JaffaCakes118
Size

34KB
MD5

212e7d659ce52722b10465b30d5adb2f
SHA1

273f8f386dbd56cead1155962c5cc24498a5b482
SHA256

a468f8cb75ee270b88544b1e9c2beed0c0bc3cf5e418d7cd61c9fc4b6678aef9
SHA512

92436fbbcea7200d30be7fafe39789137f2600705dac346fb0781ac2f93f9b7463fc05ebf210a1a856f6dec9dbe67d42896f0c7e203d7051112693c77e45bb6d
SSDEEP

384:MaJeq04gFWaC9y3nNjtFu2uc7pDThzQzpf8fY1LLhW8ButcnhQpvnYycBloVJpsS:ReDRTCcNtPtlTWpfAELhDBeEh+vZolod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
212e7d659ce52722b10465b30d5adb2f_JaffaCakes118

Files

212e7d659ce52722b10465b30d5adb2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc6b757e4a0d1279f3c455dc2b17a5a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowExA
FindWindowA
ExitWindowsEx
DispatchMessageA
DefWindowProcA
CreateWindowExA
TranslateMessage
SetTimer
SetForegroundWindow
ReleaseDC
RegisterClassExA
PostQuitMessage
PostMessageA
LoadIconA
LoadCursorA
KillTimer
IsWindow
GetWindowThreadProcessId
GetMessageA
GetDC
wsprintfA

kernel32

CopyFileA
CreateFileA
CreateProcessA
DeleteFileA
ExitProcess
GetCurrentProcess
GetModuleFileNameA
GetStartupInfoA
CloseHandle
GetTempPathA
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
SetEndOfFile
SetFileAttributesA
SetFilePointer
Sleep
TerminateProcess
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
GetFileSize
ReadFile
GetProcessHeap
HeapAlloc
HeapFree
GetSystemDirectoryA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA

wininet

InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

gdi32

TextOutA
StretchBlt
SelectObject
GetTextExtentPoint32A
GetObjectA
GetDIBits
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
PatBlt
CreateDIBitmap

ole32

CoCreateInstance
OleUninitialize
OleInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc6b757e4a0d1279f3c455dc2b17a5a2

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wininet

urlmon

shell32

gdi32

ole32

oleaut32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 122KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 122KB