66e182f05df2283ea9901b890533129e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

66e182f05df2283ea9901b890533129e_JaffaCakes118
Size

124KB
MD5

66e182f05df2283ea9901b890533129e
SHA1

939fb7db976499474aa05ed3616a7a46d56a9a34
SHA256

1d2bcc9a0c1b5d64cc6886c228cf9f45118177bdac035eed580c02620b99d0a7
SHA512

275c248372c07d5d757dea64f03998e86ad630495dfb425c020fe4684f2fcd9b86291fe31e59160b4d67eac917f8189a30d1f2fdd29ed1dc66090ecb5fe284c2
SSDEEP

3072:5mtlY56OPa5a3RidCy0bTKxt2CoQ65tIZk8YFM8VHTSwEWhVYNV5DCu08iI/:5m7Y568a5ahidCy0bTKxoQ6nIZk8YF3g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e182f05df2283ea9901b890533129e_JaffaCakes118

Files

66e182f05df2283ea9901b890533129e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d61f414b11417099becb5e666fb7ba5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA

wininet

InternetCrackUrlA
InternetConnectA
HttpSendRequestA
HttpQueryInfoA
InternetOpenA
HttpOpenRequestA
InternetTimeToSystemTime
InternetTimeFromSystemTime
InternetCloseHandle
InternetReadFile
InternetErrorDlg

kernel32

GetSystemInfo
LocalFree
GetTempPathA
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
GetEnvironmentVariableA
SetFilePointer
WriteFile
GetCurrentProcess
lstrlenW
CloseHandle
CreateProcessA
WaitForMultipleObjects
CreateEventA
lstrcatA
lstrlenA
GetModuleFileNameA
WaitForSingleObject
GetLastError
CreateMutexA
GetCommandLineA
InitializeCriticalSection
HeapDestroy
WideCharToMultiByte
ReadFile
SetHandleInformation
CreatePipe
lstrcpynA
GetThreadLocale
FreeLibrary
GetProcAddress
LoadLibraryA
SetEvent
lstrcpyA
lstrcmpA
CreateThread
GetTickCount
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
GetSystemTime
GetVersionExA
CreateFileA
DeleteFileA
MultiByteToWideChar

user32

GetDesktopWindow
wsprintfA

ole32

StringFromCLSID
CoTaskMemFree
CLSIDFromString
CoInitialize
CoUninitialize

msvcrt

_controlfp
strncpy
fgetc
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
strstr
__getmainargs
_exit
_strcmpi
_stricmp
exit
_XcptFilter
__CxxFrameHandler
strrchr
??3@YAXPAX@Z
mktime
localtime
time
asctime
sprintf
_acmdln
malloc
strncmp
_EH_prolog
_except_handler3
strncat
srand
strtol
rand
sscanf
free

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d61f414b11417099becb5e666fb7ba5

Headers

File Characteristics

Imports

advapi32

wininet

kernel32

user32

ole32

msvcrt

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 80KB - Virtual size: 80KB