226ef98f0a32d578d349330a0b7d09bb_JaffaCakes118

General

Target

226ef98f0a32d578d349330a0b7d09bb_JaffaCakes118
Size

745KB
MD5

226ef98f0a32d578d349330a0b7d09bb
SHA1

11a8cf520e77f1782d6154c6c3907e9e8b1e0839
SHA256

c2b1bd413353f4380497299bc411db1d9490cf4210f209eda8a0c43fa2445802
SHA512

24e29fc3b63e80fd42e55f3570fd4031067c6c0be93cf3675fc8139a50238a79878b9fe824975dbeaf211dde21194b98589d4cf46ed3931be8c51c78b967dbea
SSDEEP

12288:XFylr+0RWutl95MeWRB15P4qsBIq5unsx0bWHFKF6zRgabRgUg4QO2PGWEVez94D:Xy60RWuX950cqo5usSYKF61gabiUgbx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
226ef98f0a32d578d349330a0b7d09bb_JaffaCakes118

Files

226ef98f0a32d578d349330a0b7d09bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82a6c74be23854b3ff509e8d3ffeab22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleMode
GetModuleHandleA
SetEvent
FindVolumeClose
CreateMutexA
ExitProcess
FindClose
IsValidCodePage
GetTickCount
InterlockedExchange
SetConsoleIcon
SetConsoleTitleA
VirtualProtect
ReleaseMutex
HeapDestroy
LoadLibraryA
UnmapViewOfFile
GetLastError
CloseHandle
CreateEventA
GetLogicalDrives

advapi32

EqualSid
IsValidSid
LsaClose
OpenTraceA
OpenEventLogA
IsTextUnicode
RegFlushKey
RegQueryInfoKeyA
RegCreateKeyExA
GetAce
GetLengthSid
GetUserNameA
CredFree
CloseServiceHandle
FreeSid
RegLoadKeyA
RegCloseKey
CloseEventLog
GetFileSecurityA
RegEnumKeyExA
RegSaveKeyA
LsaFreeMemory
ReportEventA
RegQueryValueExA
CredReadA
RegEnumValueA
IsValidAcl
CopySid
CloseTrace

wininet

HttpQueryInfoA
FindCloseUrlCache
DeleteUrlCacheEntryA
HttpSendRequestA
DetectAutoProxyUrl

user32

MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82a6c74be23854b3ff509e8d3ffeab22

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 522B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 522B

.rsrc
Size: 4KB - Virtual size: 4KB