4b6526ce2cb79fcbc1431bbd12d407c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b6526ce2cb79fcbc1431bbd12d407c2_JaffaCakes118
Size

62KB
MD5

4b6526ce2cb79fcbc1431bbd12d407c2
SHA1

b64ebd36ecea889b665e100abedade0e87c04fa5
SHA256

f29c45d78582e24ef94a063bba16f412878c08c1e308b0b2a7b5bbc398bc9599
SHA512

7eddba4af43ef91d6a2c2f279a3cbf17c75d5d2801b0aff06b724450e0729f6b0deb3358e437c13bc83640ffdcf0fec7da204278d189cca39ebe4253a697a8b5
SSDEEP

768:vR2cnE+UFtpOZPc/16feUaSYZ/U+vPl56deq/+ntcW:vo5sUaeUBYxJPeeDt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6526ce2cb79fcbc1431bbd12d407c2_JaffaCakes118

Files

4b6526ce2cb79fcbc1431bbd12d407c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53ad3fe570c800d89255d38ec5b2cf67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetStringTypeW
GetTempPathA
SetFilePointer
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WriteFile
CreateFileA
CloseHandle
Sleep
WinExec
GetSystemDirectoryA
GetTickCount
GetStringTypeA
GetComputerNameA
GetModuleFileNameA
UnhandledExceptionFilter
HeapFree
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
CreateDirectoryA
GetCurrentProcess
TerminateProcess
HeapAlloc
ExitProcess
GetVersion
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA

user32

TranslateMessage
DispatchMessageA
ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
wsprintfA
GetMessageA
GetForegroundWindow
GetAncestor
GetClassNameA
GetWindowTextA
GetDesktopWindow
GetWindowRect
GetClientRect
PostQuitMessage
SetTimer
BeginPaint
EndPaint
DefWindowProcA
MessageBoxA
KillTimer
FindWindowA
SendMessageA

gdi32

GetStockObject

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

wininet

InternetQueryDataAvailable
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA

netapi32

Netbios

shlwapi

StrStrIA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53ad3fe570c800d89255d38ec5b2cf67

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

netapi32

shlwapi

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 16KB - Virtual size: 13KB