5d0db2902937597e202851e9d32e1a69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d0db2902937597e202851e9d32e1a69_JaffaCakes118
Size

92KB
MD5

5d0db2902937597e202851e9d32e1a69
SHA1

18d28592dd15f98d9e43b56f91f1fe240d11a0db
SHA256

1ec7fecbe925b887bc10104d4db070abe42d3141fc8a758a8f547095b7dc7cf8
SHA512

be2e2f6cf03554045a265178539862bdc8de92b134528ca69c4c24ee0b63744ef01c4af93078fb58a9648091a548157e92482ed3f88c0a1cad39607493b1026f
SSDEEP

768:QiTsPFUvjtoWh2lX6dd8bEgGQSmch5LUNQg1h+P/OkatPL7WokhauBZqrY2zBEJa:QiwIjSx6Io9QXI/6tW1aMqgJklUI7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d0db2902937597e202851e9d32e1a69_JaffaCakes118

Files

5d0db2902937597e202851e9d32e1a69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

819e5389d80244d638ffcedebc658dad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetEnvironmentVariableA
DeleteFileA
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalHandle
lstrlenA
CloseHandle
GetModuleFileNameA
CreateFileA
MoveFileA
MoveFileExA
SetEndOfFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcatA
lstrcpyA
GetPrivateProfileStringA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
GetFileSize
GetLastError
WriteFile
LCMapStringW
LCMapStringA
HeapSize
GetEnvironmentStringsW
HeapAlloc
HeapReAlloc
ReadFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
GetCurrentProcess
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
MultiByteToWideChar
WideCharToMultiByte
LocalFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
TerminateProcess

user32

LoadStringA
PeekMessageA
DispatchMessageA
wsprintfA

ole32

CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysStringLen
SysFreeString
VariantClear
SysAllocStringByteLen

wininet

HttpOpenRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
HttpSendRequestA
HttpAddRequestHeadersA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

PathAddBackslashA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

819e5389d80244d638ffcedebc658dad

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

wininet

version

shlwapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 1KB