5cdd87563f6c3f5acd21677dd05a60df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cdd87563f6c3f5acd21677dd05a60df_JaffaCakes118
Size

69KB
MD5

5cdd87563f6c3f5acd21677dd05a60df
SHA1

bcf6e2147d56fa9494b5c73076a3c1bfe77faa2c
SHA256

8bd91b05efa0504e518ce4eeaa11de3a9833d2ca3ed3841cebe5c0aa1a226359
SHA512

f4fee07fdc4b859b2ebbc6235901e4654b5b45d8bd2b814f5833aec0ed91b3715365ce47a2e05b7fcc44fb6f6f1da2fe7d387822037023eb8a7ddf0759f592e2
SSDEEP

1536:oqmkVxbS2bP/Bf3/grN1lPx1wJlDc8AmUlJDOD3:oaVxbVPd2N1l51kc8AmUl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cdd87563f6c3f5acd21677dd05a60df_JaffaCakes118

Files

5cdd87563f6c3f5acd21677dd05a60df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

567c88375c0a39f7681d8faa240943b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
HeapFree
WriteFile
CreateFileA
ReadFile
GetFileSize
GetLastError
lstrcmpiA
LockResource
SizeofResource
LoadResource
FindResourceA
SetFileAttributesA
SetFileTime
GetFileTime
VirtualQuery
SetFilePointer
GetShortPathNameA
MoveFileExA
GetSystemDirectoryA
GetModuleFileNameA
CreateProcessA
GetTempPathA
GetTickCount
GetProcAddress
LoadLibraryA
DeleteFileA
HeapAlloc
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
GetCurrentProcessId
ExitProcess
CreateMutexA
OpenFileMappingA
UnmapViewOfFile
WideCharToMultiByte
GetVersionExA
FreeLibrary
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
VirtualAlloc
GetSystemInfo
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
GetWindowsDirectoryA
lstrcatA
GetProcessHeap
lstrcpyA
lstrcpynA
lstrcmpA
lstrlenA
InterlockedExchange
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA

user32

SendMessageA
wsprintfA
DefWindowProcA
DestroyWindow
KillTimer
SetTimer
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
FindWindowA
RegisterClassExA
CreateWindowExA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shlwapi

StrStrA
StrToIntA
wnsprintfA
StrNCatA
StrStrIA

wininet

InternetGetConnectedState
InternetOpenUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA

rasapi32

RasEnumConnectionsA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

567c88375c0a39f7681d8faa240943b6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

rasapi32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 32KB