5b2965209db4aa8440869a75aca82264_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b2965209db4aa8440869a75aca82264_JaffaCakes118
Size

1.4MB
MD5

5b2965209db4aa8440869a75aca82264
SHA1

9f4338c7f574512d8b25a9a410fdc64a352eac67
SHA256

5da426e4d721ebf5ca6920358ce8b0010fcd35e79a3c3b7c40f3bb08503ba2dd
SHA512

08a0be1f13a26ef12b3e9bb1ce6d29a93b3d3e312af99b2bdbdbd55f6d6578c0d9a79cf0424d03e42fe9b91b979b53f42d892c89aaa3f829dff54991d919acae
SSDEEP

24576:MkcED6301quRH3jo6FpJzKTgbu+T/3Az9AiDAQ965OF5Hk2FOJsFwzZLEHLHHtdr:qepN3n4T8uIQx3965OFtRFjFwqHrnr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b2965209db4aa8440869a75aca82264_JaffaCakes118

Files

5b2965209db4aa8440869a75aca82264_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e9433703b1504732819382631f90644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
EnterCriticalSection
ExitProcess
GetCommandLineA
GetModuleHandleA
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetLastError
SetUnhandledExceptionFilter
SleepEx
UnmapViewOfFile
lstrcmpA

user32

CreateMDIWindowA
MessageBoxIndirectA
DialogBoxParamA
EnableWindow
EndPaint
MessageBoxA
OemToCharW
OemToCharA
CharToOemA

advapi32

RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

ole32

CoUninitialize
OleGetClipboard
OleFlushClipboard
CreateFileMoniker
CoTaskMemFree
CoInitialize
CoGetClassObject
CoCreateInstance
OleUninitialize
CLSIDFromProgID
OleInitialize

wininet

InternetOpenA
InternetQueryDataAvailable
InternetSetFilePointer
InternetSetOptionExA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHFileOperationA
ShellExecuteExW
SHBindToParent

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 956KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e9433703b1504732819382631f90644

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 1KB - Virtual size: 956KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 16KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 1KB - Virtual size: 956KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB