48c1e51c70eed03204368014da91657e_JaffaCakes118

General

Target

48c1e51c70eed03204368014da91657e_JaffaCakes118
Size

10KB
MD5

48c1e51c70eed03204368014da91657e
SHA1

86b83bc21b20e3e94b871d6dd422926a9497442a
SHA256

31c0c6c7978e87fb4d859f92a20191657c1cf4629105917a2e4adf55a2b14644
SHA512

d65566d67685780c4569d7b18b5d1f3e461786bea5a35065b1540552980093d6cedcf19c5ee5e52adf2505255bce761096e7c2f4b40d86d37d5d6857b7e5db36
SSDEEP

192:5H1pvMRHZb802SQyRaISh5iei7KsmJ9O58xcdP2:58RHZPoIS2K7J9OqQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48c1e51c70eed03204368014da91657e_JaffaCakes118

Files

48c1e51c70eed03204368014da91657e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3699ed8f9922ad34e74da87ebe28709e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageA
LoadIconA
LoadCursorA
IsWindow
PostQuitMessage
GetSystemMetrics
GetMessageA
RegisterClassExA
SendMessageA
SetTimer
wsprintfA
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
IsDialogMessageA
DispatchMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
CreateDialogParamA

kernel32

lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
TerminateThread
Sleep
SetFilePointer
LoadLibraryA
CloseHandle
CopyFileA
CreateFileA
CreateThread
DeleteFileA
ExitProcess
GetExitCodeThread
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock

wininet

InternetConnectA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetOpenA
HttpOpenRequestA

wsock32

WSAStartup
gethostbyname
WSACleanup

shlwapi

StrFormatByteSizeA

shell32

ShellExecuteA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

gdi32

GetStockObject

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3699ed8f9922ad34e74da87ebe28709e

Headers

File Characteristics

Imports

user32

kernel32

wininet

wsock32

shlwapi

shell32

advapi32

gdi32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB