3ae7ef7c598c9efa079be5f8c9df3548_JaffaCakes118

General

Target

3ae7ef7c598c9efa079be5f8c9df3548_JaffaCakes118
Size

15KB
MD5

3ae7ef7c598c9efa079be5f8c9df3548
SHA1

54abc70a3ea5a322add4a21b5f12f0b3759e1e9c
SHA256

0ef33c0f1e9c2c29635fcf2933383cdabd98cb785c2c2141fa0bea12192d37f3
SHA512

85d69cf8330b9a041667a27ad21f9c1a49db250eb4e14f419058296d9e2302aa32d6455d2d4418b2cc09dd537fb0b8ba471567df324b967ce063e9604f5b2309
SSDEEP

384:l14ZkeP9JBLidQrfg7oAuKamJ0qFBhXBE1L:lec9TBqofyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ae7ef7c598c9efa079be5f8c9df3548_JaffaCakes118

Files

3ae7ef7c598c9efa079be5f8c9df3548_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb5e2521eb3ac44b2dd8088aa04f910a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
ShowWindow
UpdateWindow
RegisterClassExA
DefWindowProcA

advapi32

GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegQueryValueExA
RegEnumKeyA
SetNamedSecurityInfoA
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegOpenKeyExA

kernel32

HeapFree
GetProcessHeap
VirtualAlloc
GetProcAddress
ExitProcess
CloseHandle
CreateMutexA
OpenMutexA
ExitThread
HeapAlloc
CreateThread
OpenEventA
lstrlenA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CreateEventA
SetEvent
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
MoveFileExA
LocalFree
VirtualFree
Process32First
Process32Next
GetCurrentThread
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
CreateToolhelp32Snapshot

wininet

HttpQueryInfoA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetSetOptionA
InternetReadFile
InternetCloseHandle
HttpSendRequestA

winmm

timeKillEvent
timeSetEvent

msvcrt

memmove
memset
_vsnprintf

ntdll

RtlUnwind

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb5e2521eb3ac44b2dd8088aa04f910a

Headers

File Characteristics

Imports

user32

advapi32

kernel32

wininet

winmm

msvcrt

ntdll

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 1024B - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 1024B - Virtual size: 4KB