390fce1f497ecda28ca74c93e2a2d5a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

390fce1f497ecda28ca74c93e2a2d5a4_JaffaCakes118
Size

232KB
MD5

390fce1f497ecda28ca74c93e2a2d5a4
SHA1

f5037f7be3657370616cbb128e113c6f0d637b54
SHA256

b1e343321382500ef365de95686712afe10aa276b61bda9e799f5186cd714138
SHA512

63add95cc0621509948e75a758cbd33919ee935a13b3798cb5fd273aacfad1af15f92488bfef298fc9c5bafecdf10699a91f42182d938a7224b77e869a9e242a
SSDEEP

3072:U6bFs2BdY8DzWorzM9V6uH7rVOmmwPy6LFTe/BpY7hTXyFhsYrFitxwcd3Mtonj:UmJ3nWV6uVpFVe/BpNfsPHl3Mto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390fce1f497ecda28ca74c93e2a2d5a4_JaffaCakes118

Files

390fce1f497ecda28ca74c93e2a2d5a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2ffd709cfe163bd2494ee313d34b443

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
CreateProcessA
DeleteFileA
GetTempPathA
WriteFile
GetExitCodeProcess
CreateFileA
GetFileSize
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageA
LocalFree
CreateMutexA
GetLastError
CloseHandle
WaitForSingleObject
CreateEventA
SystemTimeToFileTime
SetFilePointer
GetSystemTimeAsFileTime
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
OutputDebugStringA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
GetVersionExA
GetCPInfo
LCMapStringA
LCMapStringW
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
ExitProcess
TerminateProcess
GetCurrentProcess
IsBadReadPtr
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
HeapAlloc
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter

advapi32

RegEnumValueA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteValueA

ole32

StringFromCLSID
CoTaskMemFree
CoCreateGuid

libexpat

XML_ParserReset
XML_SetElementHandler
XML_SetUserData
XML_Parse
XML_ParserCreate
XML_ParserFree

wininet

InternetGetConnectedState
InternetCloseHandle
DeleteUrlCacheEntry
InternetOpenUrlA
InternetSetFilePointer
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile

ws2_32

gethostbyname
gethostname

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b2ffd709cfe163bd2494ee313d34b443

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

libexpat

wininet

ws2_32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 24KB - Virtual size: 32KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 24KB - Virtual size: 32KB