380ef63af1b5f4b55c6332c091f8ce88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

380ef63af1b5f4b55c6332c091f8ce88_JaffaCakes118
Size

100KB
MD5

380ef63af1b5f4b55c6332c091f8ce88
SHA1

4fcd9682fe0fec4774ce5f8f22faae27d71b84e7
SHA256

bd7643d2125c5df0cb61677f65096fc556e39efdc7457ef8e8bba1279e31db35
SHA512

2f12caca3b34605a02f0cce1632515e26c96877f161623871b336e65dada57e7f6907b2d80265fdb9cfd74b3e021892cee444d69a20c7b7624832348eca669c4
SSDEEP

3072:XOOTCK0FOxMo1tyocorTMJD8Ei4cKkcD25rmqeAKY:+OTv+IyoprciK325rmqeAKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
380ef63af1b5f4b55c6332c091f8ce88_JaffaCakes118

Files

380ef63af1b5f4b55c6332c091f8ce88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a414c2be7a552fed53e3360caba2650e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetTempFileNameA
GetTempPathA
Sleep
LoadLibraryA
FindFirstFileA
lstrlenA
WriteFile
CreateFileA
ReadFile
GetFileSize
DeleteFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
CloseHandle
GetVersionExA
GetSystemTime
TlsAlloc
GetVersion
ExitProcess
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
GetStringTypeA
IsBadCodePtr
GetStringTypeW
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
GetFileType
GetStdHandle
SetFilePointer
GetOEMCP
GetACP
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetCPInfo
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
HeapSize
GetModuleFileNameA
GetCurrentProcess
RaiseException
GetLocaleInfoW
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcAddress
LCMapStringW
LCMapStringA
RtlUnwind
HeapFree
GetTimeZoneInformation
FreeLibrary
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapDestroy
HeapAlloc
GetCurrentThreadId
TlsSetValue
HeapReAlloc
SetLastError
TlsGetValue
GetLastError
EnterCriticalSection
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
VirtualAlloc
WideCharToMultiByte

user32

GetMenuState
DestroyMenu
MessageBoxA
PostQuitMessage
LoadStringA
DefWindowProcA
DestroyWindow
SetTimer
KillTimer
UpdateWindow
CreateWindowExA
ShowWindow
RegisterClassExA
LoadIconA
LoadCursorA
GetSubMenu
FindWindowA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
GetMessageA
GetCursorPos
TranslateMessage
DispatchMessageA
PostMessageA
SetForegroundWindow
TrackPopupMenu
CheckMenuItem

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA
Shell_NotifyIconA

wininet

HttpSendRequestA
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetCloseHandle
InternetGetConnectedState
InternetAttemptConnect

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a414c2be7a552fed53e3360caba2650e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 8KB - Virtual size: 4KB