3257305bd1efbae2da414ceba8266411_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3257305bd1efbae2da414ceba8266411_JaffaCakes118
Size

252KB
MD5

3257305bd1efbae2da414ceba8266411
SHA1

eea095f59508922dec7423349135b5cb2866e8c4
SHA256

c62b8137d0ff277c31ee4bc137d58d363af5358c23f740d2ced4252411fc308f
SHA512

556c059ae7b8dcb3cea79f962eb93683621724c9ca8b98cb871d9c3764431e0445323879962bfa1c58677f8677aa09935c95fc8ac6a703edc218b020241dc4d6
SSDEEP

6144:AexsMBvqPQ5Qvz2kAKjlUwQ6vOTrxRHSC8BE6e:AeaMBvqYqz9AKjls2wYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3257305bd1efbae2da414ceba8266411_JaffaCakes118

Files

3257305bd1efbae2da414ceba8266411_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d5feaa79b350f359c4d45c83e621fe6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
FindFirstFileA
GetDriveTypeA
CreateFileA
CloseHandle
ReadFile
SetFilePointer
WriteFile
GetVersion
GetVersionExA
DeviceIoControl
GetFileTime
SetFileTime
GetLocalTime
GetLastError
CreateMutexA
MultiByteToWideChar
WideCharToMultiByte
FindClose
GetProcAddress
LoadLibraryA
ExitProcess
CreateThread
CreateDirectoryA
GetFileSize
FileTimeToSystemTime
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SystemTimeToFileTime
GetTickCount
IsBadCodePtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
GetStringTypeW
DeleteFileA
Sleep
GetWindowsDirectoryA
GetModuleFileNameA
GetComputerNameA
lstrcpynA
GetStringTypeA
SetConsoleCtrlHandler
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEndOfFile
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
VirtualAlloc
GetCurrentProcess
TerminateProcess
VirtualFree
HeapCreate
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
HeapReAlloc
HeapFree
HeapDestroy

user32

GetMessageA
GetDesktopWindow
TranslateMessage
DispatchMessageA

advapi32

RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA

ole32

StgOpenStorageEx

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA

ws2_32

WSACleanup
closesocket
recv
send
WSAStartup
connect
socket
inet_addr
htons

urlmon

URLDownloadToFileA

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d5feaa79b350f359c4d45c83e621fe6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

wininet

ws2_32

urlmon

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 13KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 13KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 5KB