Static task: static1
Behavioral task: behavioral1 (Sample: 49bc1f132eaa0a9c64cf60de3e50e9ae_JaffaCakes118.exe, Resource: win7-20240708-en)
Behavioral task: behavioral2 (Sample: 49bc1f132eaa0a9c64cf60de3e50e9ae_JaffaCakes118.exe, Resource: win10v2004-20240709-en)
General
Target: 49bc1f132eaa0a9c64cf60de3e50e9ae_JaffaCakes118
Size: 84KB
MD5: 49bc1f132eaa0a9c64cf60de3e50e9ae
SHA1: 8b12257ade412854bbaf710bfc5b2ed846cb361b
SHA256: e3757416ecb0c287ed53291a022cc7188cb16b8635ff48237442e2bca47811b8
SHA512: c0eaee9f873a7f8a43b3bf2e5a178099a20879cb18c6440884ef7f7b06e22292dba5ffd78c1b8fa9ce1e4a55e3edd83bb570abba5bc9b0f602eff100dcbbf130
SSDEEP: 1536:JEHuq6YuVLEAfMTKhwXp6aO+uBFrb1CW+BNSwkBJSlw2fu1:JEH1M4p63nrJYBNNkBJSlhfu1
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 49bc1f132eaa0a9c64cf60de3e50e9ae_JaffaCakes118
Files
49bc1f132eaa0a9c64cf60de3e50e9ae_JaffaCakes118.exe windows:4 windows x86 arch:x86
278350797ffdbccd45a0d4aaed7cc452
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: CloseHandle, CreateProcessA, Sleep, Process32Next, Process32First, CreateToolhelp32Snapshot, TerminateProcess, SetEnvironmentVariableA, CompareStringW, LoadLibraryA, SetEndOfFile, GetTimeZoneInformation, LCMapStringW, LCMapStringA, GetOEMCP, GetACP, GetProcAddress, GetCurrentProcessId, FreeLibrary, GetModuleFileNameA, GetTempPathA, GetFileAttributesA, CompareStringA, GetLastError, GetCPInfo, InterlockedIncrement, InterlockedDecrement, CreateFileA, FlushFileBuffers, SetStdHandle, GetEnvironmentStringsW, GetEnvironmentStrings, WideCharToMultiByte, FreeEnvironmentStringsW, FreeEnvironmentStringsA, GetCurrentDirectoryA, GetFullPathNameA, GetStringTypeW, GetStringTypeA, MultiByteToWideChar, UnhandledExceptionFilter, GetCurrentProcess, SetLastError, HeapFree, DeleteFileA, MoveFileA, HeapAlloc, CreateThread, GetCurrentThreadId, TlsSetValue, TlsGetValue, ExitThread, FindClose, FileTimeToSystemTime, FileTimeToLocalFileTime, GetDriveTypeA, FindFirstFileA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, EnterCriticalSection, LeaveCriticalSection, ReadFile, SetFilePointer, SetHandleCount, GetStdHandle, GetFileType, DeleteCriticalSection, InitializeCriticalSection, WriteFile, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, HeapReAlloc, RtlUnwind, TlsAlloc
user32: IsIconic, wsprintfA, DispatchMessageA, GetMessageA, RegisterClassExA, SetForegroundWindow, FindWindowA, CreateWindowExA, PostMessageA, PostQuitMessage, SendMessageA, DefWindowProcA, ShowWindow
advapi32: RegDeleteKeyA, RegOpenKeyExA, RegQueryValueExA, RegCreateKeyExA, RegSetValueExA, RegCloseKey, RegDeleteValueA
ole32: StringFromGUID2
wininet: InternetCloseHandle, InternetReadFile, HttpSendRequestA, HttpAddRequestHeadersA, HttpOpenRequestA, InternetConnectA, InternetOpenA, HttpQueryInfoA
ws2_32: WSACleanup, gethostbyname, WSAStartup
version: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
shlwapi: PathAppendA
Sections
.text (Size: 48KB, Virtual size: 44KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 8KB, Virtual size: 4KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 12KB, Virtual size: 18KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 4KB, Virtual size: 792B): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ