466a1757ee30b241a578e9d338bc45a3_JaffaCakes118

General

Target

466a1757ee30b241a578e9d338bc45a3_JaffaCakes118
Size

35KB
MD5

466a1757ee30b241a578e9d338bc45a3
SHA1

22f2477f7bde87b2c85a1e37174e4b9c690b200c
SHA256

0f8750ca985d607f663047e4f0312c1bf459e76cc1a5cec80336d9ba7c5171e1
SHA512

9329786770f4c1e1a20be87f4412bf5c534a4ca6e51869cb42d5d45a7395a9484296d25fd38ced5acab59105896f7b6fef6e830e31de6d06a5fba57911853ca9
SSDEEP

384:z0n7R/k20gq5U13qPqiNi9vIQT2jJ69/ElpJgLa0Mp888ZGsYCINDz7WH90t/Q:on7R/kJxyiY9G69sgLa1HdsYdNn7lBQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
466a1757ee30b241a578e9d338bc45a3_JaffaCakes118

Files

466a1757ee30b241a578e9d338bc45a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67e25f3e4134495e2b4d8fe6727a419e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
ReadFile
GetVersionExA
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitThread
Sleep
DeleteFileA
TerminateThread
WaitForMultipleObjects
GetSystemDirectoryA
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetProcessHeap
GetProcAddress
LoadLibraryA
ResetEvent
GetModuleFileNameA
CreateDirectoryA
GetFileAttributesA
CreateFileA
WriteFile
SetFilePointer
lstrcmpA
CloseHandle
lstrcpyA
FindResourceA
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CompareStringA
CreateEventA
SetEvent
CreateThread
WaitForSingleObject
CreateProcessA
SizeofResource
LoadResource

user32

GetWindowThreadProcessId
GetParent
wsprintfA
GetWindowRect
GetClientRect

gdi32

GetStockObject

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
RegNotifyChangeKeyValue

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67e25f3e4134495e2b4d8fe6727a419e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

iphlpapi

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 424B

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 424B

.rsrc
Size: 5KB - Virtual size: 5KB