684ad6d0237c04430541713bb19e9747_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

684ad6d0237c04430541713bb19e9747_JaffaCakes118
Size

64KB
MD5

684ad6d0237c04430541713bb19e9747
SHA1

c4153f7ed9092b44b7159058d31ad00277d7c1b8
SHA256

2cc3b0575b28b79dcdf32a356ee5bb7bb2a265c48f2efffa5892f93ebc695240
SHA512

c6e49be1c6e7c4541f4a839af72c7f4bdc8d3dbd439b6ad5f818193d102edc19fad71b32f26b62398880246ed42739b1cf7cfb7eab5feda3eea7c5ef73031392
SSDEEP

1536:rpTq85tkKF1CITVFPVCx2gI5ewSXuAzl2APwdDsmLY:Rq8TkKF1xJ5NSXuqBPwhsmLY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
684ad6d0237c04430541713bb19e9747_JaffaCakes118

Files

684ad6d0237c04430541713bb19e9747_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8e294278eca890eff1a2e23dc1915da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetSetPerSiteCookieDecisionW
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlW
InternetAttemptConnect
InternetClearAllPerSiteCookieDecisions
InternetReadFile
InternetSetOptionW
InternetOpenW

iphlpapi

GetIfTable

shlwapi

StrStrIA
PathMatchSpecW
PathCombineW
wvnsprintfW
PathRemoveFileSpecW
StrStrIW

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
VirtualFree
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
HeapCreate
CopyFileW
CreateThread
WaitForMultipleObjects
FindClose
GetTickCount
VirtualProtect
CreateProcessW
SetUnhandledExceptionFilter
ExitProcess
CloseHandle
DeleteFileW
LoadLibraryW
GetLastError
ExpandEnvironmentStringsW
GetProcAddress
CreateDirectoryW
Sleep
FindFirstFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetFileSize
WriteFile
GetLocalTime
SetFilePointer
SetEndOfFile
GetVersionExW
HeapAlloc
CreateWaitableTimerW
SetWaitableTimer
FindNextFileW
SystemTimeToFileTime
HeapFree
ReadFile
GetModuleFileNameW
WaitForSingleObject
GetTimeZoneInformation
CreateFileW
GetFileSizeEx
VirtualQuery
GetProcessHeap
GetCurrentDirectoryW
GetSystemTime
ResumeThread
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetCommandLineW

user32

PeekMessageW
GetWindowLongW
DispatchMessageW
GetForegroundWindow
CharLowerW
CreateWindowExW
SetWindowLongW
SetParent
GetSystemMetrics
MessageBoxW
SetForegroundWindow
SetWindowPos
FindWindowW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoCreateInstance
OleInitialize
CoInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8e294278eca890eff1a2e23dc1915da

Headers

File Characteristics

Imports

wininet

iphlpapi

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 97KB

.rsrc Size: 512B - Virtual size: 508B

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 97KB

.rsrc
Size: 512B - Virtual size: 508B