Static task: static1
Behavioral task: behavioral1
Sample: 639b28e6438a2b74934a154609bac845_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 639b28e6438a2b74934a154609bac845_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 639b28e6438a2b74934a154609bac845_JaffaCakes118
Size: 112KB
MD5: 639b28e6438a2b74934a154609bac845
SHA1: d7d57fa017784f7632366687bdd5fb105768470a
SHA256: 93bf8e3e207c3a97580791d6e12f5169439020caa0c5994a134dc3d701d5f4b9
SHA512: 1b594de9125c64cf8b543175e83ab27e2d688ab648440cadf433a797fdeee03897ce97ae5ec85735c566a3136a36c987ef0bb143173b96a4af17cf8bab273e97
SSDEEP: 1536:EzstHKio8vTDn5w9rQHU0X0ZtR4HBlBFBU/khxkQmTALlfPaYrI8ki2XxHKicSaj:EW7TDTFitEBFBUsYWh0JHKiRaJClhwL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 639b28e6438a2b74934a154609bac845_JaffaCakes118
Files
639b28e6438a2b74934a154609bac845_JaffaCakes118.exe windows:4 windows x86 arch:x86
826b76d6253bf308fbfe386af4a84e5f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
lstrcmpA
DeleteFileA
CreateDirectoryA
WinExec
lstrcatA
CopyFileA
lstrcpyA
lstrlenA
WritePrivateProfileStringA
GetLastError
OpenMutexA
GetPrivateProfileStringA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
OutputDebugStringA
LocalFree
FreeLibrary
FormatMessageA
LoadLibraryA
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
CloseHandle
CreateFileA
ReadFile
GetFileSize
GetShortPathNameA
GetProcAddress
GetWindowsDirectoryA
RemoveDirectoryA
GetFileAttributesA
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
OpenProcess
GetCurrentProcess
GlobalFree
WriteFile
GlobalAlloc
GetVersionExA
WideCharToMultiByte
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
HeapFree
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetSystemTimeAsFileTime
user32
SetWindowTextA
MessageBoxA
FindWindowA
CreateDialogParamA
GetDlgItem
GetWindowThreadProcessId
GetWindow
GetParent
PostMessageA
SendMessageA
shlwapi
PathFileExistsA
SHDeleteKeyA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
wininet
InternetWriteFile
FtpOpenFileA
InternetCloseHandle
FtpSetCurrentDirectoryA
InternetReadFile
HttpQueryInfoA
InternetQueryDataAvailable
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetCrackUrlA
InternetOpenA
InternetConnectA
FtpFindFirstFileA
psapi
GetModuleFileNameExA
advapi32
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
Sections
.text Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ