3791bad33e771da16baa85dd2463c551_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3791bad33e771da16baa85dd2463c551_JaffaCakes118
Size

156KB
MD5

3791bad33e771da16baa85dd2463c551
SHA1

5d8e82618a311a1ec8f0e3281473bd07f1b658c0
SHA256

2899b92e8dd5c4e7b5654dbc54dda813e1b97e223115a700452fbbbb32028893
SHA512

9345809a471a8f32dcd6c2c64080874cafe1f58778a60606d47355de7a61580c7c280f454e8bbc0048717049ac21ce0c66909aea65b8f300429937f34938c35f
SSDEEP

768:/p4CD/4v/sVyEZ9FiB2LhDBEEhdAgOCo:/prDQkQU9FHrEEhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3791bad33e771da16baa85dd2463c551_JaffaCakes118

Files

3791bad33e771da16baa85dd2463c551_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7844fb047a4f4ff63074eeddf9c0f1ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ExitWindowsEx
DispatchMessageA
DefWindowProcA
CreateWindowExA
SetTimer
TranslateMessage
FindWindowA
SetForegroundWindow
ReleaseDC
RegisterClassExA
PostQuitMessage
PostMessageA
LoadIconA
LoadCursorA
KillTimer
IsWindow
GetWindowThreadProcessId
GetMessageA
GetDC
FindWindowExA
wsprintfA

kernel32

CreateProcessA
DeleteFileA
ExitProcess
GetCurrentProcess
GetFileTime
GetModuleFileNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemTime
CreateFileA
GetTempPathA
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
ReadFile
SetEndOfFile
SetFilePointer
Sleep
SystemTimeToFileTime
TerminateProcess
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CloseHandle
GetFileSize
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
RegSetValueExA
AdjustTokenPrivileges

wininet

InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA

urlmon

URLDownloadToFileA

gdi32

SelectObject
PatBlt
StretchBlt
GetObjectA
GetDIBits
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
TextOutA
CreateDIBSection
GetTextExtentPoint32A
CreateDIBitmap

ole32

CoCreateInstance
OleInitialize
OleUninitialize

oleaut32

VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7844fb047a4f4ff63074eeddf9c0f1ce

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wininet

urlmon

gdi32

ole32

oleaut32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 125KB - Virtual size: 145KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 125KB - Virtual size: 145KB