4839ffbc6863a3bd288176d77bc22b31_JaffaCakes118

General

Target

4839ffbc6863a3bd288176d77bc22b31_JaffaCakes118
Size

9KB
MD5

4839ffbc6863a3bd288176d77bc22b31
SHA1

5983114c079cda7a59e95b301c8acbe4d0dd7898
SHA256

a7430130878f0ea4dee3c8e370801abf18211a029cc363b679ba9ea646ecf6ed
SHA512

9f7bd02a04e58c8aac58e6e4bdc22ad41d8ae4710c4c633c8c766848e99eb8936bdbc34fc2bf7498797337ea15c7af7c11994b81f9b37e48f103a5d21dacec8b
SSDEEP

192:x4CKEQrrirFE9Z3Vd5509P1oynjG6uNI:x4i2SF2NVd550p19Gg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4839ffbc6863a3bd288176d77bc22b31_JaffaCakes118

Files

4839ffbc6863a3bd288176d77bc22b31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac0f76bfd2bb41641e8582b673c42fee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA
SHChangeNotify

kernel32

CloseHandle
CreateProcessA
ReadFile
Sleep
WriteFile
TerminateProcess
GetTempFileNameA
PeekNamedPipe
CopyFileA
GetTempPathA
GetSystemDirectoryA
OpenProcess
CreatePipe
GetModuleFileNameA
DeleteFileA
GetCurrentDirectoryA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetLastError
GetStartupInfoA
GetModuleHandleA

urlmon

URLDownloadToFileA

wininet

InternetGetConnectedState
InternetOpenUrlA
InternetOpenA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

msvcrt

__getmainargs
_acmdln
exit
_controlfp
_except_handler3
__set_app_type
__setusermatherr
_itoa
_adjust_fdiv
__p__commode
_initterm
??3@YAXPAX@Z
??2@YAPAXI@Z
strchr
atoi
sprintf
_exit
_XcptFilter
__p__fmode

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac0f76bfd2bb41641e8582b673c42fee

Headers

File Characteristics

Imports

shell32

kernel32

urlmon

wininet

advapi32

msvcrt

psapi

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 19KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 19KB