423660a554b27a0a234d67420b73bda1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

423660a554b27a0a234d67420b73bda1_JaffaCakes118
Size

13KB
MD5

423660a554b27a0a234d67420b73bda1
SHA1

34921e92ae5a3befa90354e828069f63c609510a
SHA256

9d002bd9c9eeb7388fa37ff6d0403c38a903c4a27e9ee7ea2cb2bab190a0e753
SHA512

699367c256c3c4078d495e3cd226b04eb32bcf766cec98784b8adba77b4e3b24c4a58030616508c30f32241262aaaf3fc1c73e14f82c782a985ad3b4cb82f9ed
SSDEEP

192:1Ic9eMztE/0zw7C73NX7ClFanZsB5epeqGONB5TaFP1oyn68XYCV5/yTHUnu:qcwMZki3F+lELfax1Q8h5/iHUnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
423660a554b27a0a234d67420b73bda1_JaffaCakes118

Files

423660a554b27a0a234d67420b73bda1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6bb92e9256d9107905c2e3a6ce930370

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_stricmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
vsprintf
memcpy
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
srand
rand
sprintf
strcat
strchr
strcpy
strlen

psapi

GetModuleFileNameExA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

ws2_32

WSAStartup
connect
htons
WSACleanup
recv
socket
closesocket
gethostbyname
send
WSAGetLastError

shlwapi

PathFindExtensionA
PathCombineA
PathFindFileNameA
PathFileExistsA
StrStrIA

pdh

PdhOpenQueryA
PdhAddCounterA
PdhCollectQueryData

kernel32

ExitProcess
GetLastError
CopyFileA
SetFileAttributesA
GetModuleFileNameA
WaitForSingleObject
CreateMutexA
GetCurrentProcess
CreateProcessA
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
CreateDirectoryA
DeleteFileA
GetModuleHandleA
GetStartupInfoA
WriteFile
CreateFileA
Sleep
GetTempPathA
GetTickCount
CreateThread
GetLocaleInfoA
CloseHandle

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DoEnvironmentSubstA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bb92e9256d9107905c2e3a6ce930370

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

psapi

wininet

ws2_32

shlwapi

pdh

kernel32

advapi32

shell32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 37KB

.rsrc Size: 1024B - Virtual size: 712B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 37KB

.rsrc
Size: 1024B - Virtual size: 712B