68c288bc56399b31fc63b84ee854b0ac_JaffaCakes118

General

Target

68c288bc56399b31fc63b84ee854b0ac_JaffaCakes118
Size

745KB
MD5

68c288bc56399b31fc63b84ee854b0ac
SHA1

a8c834b645c7eddf734d72a8577b145d7a35b6b0
SHA256

bdfcfd80b22b891a4bc54188eeab58ff3e3e912cf8c0ed1677d0b917868729be
SHA512

3d94e3d34d7c7513955ccebb39183ff82798dbfc8ac201f470eaf370077d0b2f3415fc3eec27604219e29865b856e3e3393b7b48ce925dc1e9a6296979c36657
SSDEEP

12288:3Fylr+0RWutl95MeWRB15P4qsBIq5unsx0bWHFKF6zRgabRgUg4QO2PGWEVez94n:3y60RWuX950cqo5usSYKF61gabiUgbxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68c288bc56399b31fc63b84ee854b0ac_JaffaCakes118

Files

68c288bc56399b31fc63b84ee854b0ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a69887302848d6d557e58a249e83aa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
GetLastError
SetConsoleMode
GetTickCount
IsValidCodePage
CloseHandle
UnmapViewOfFile
LoadLibraryExA
GetProfileSectionA
SetConsoleTitleA
FindClose
GetConsoleWindow
GetLogicalDrives
VirtualProtect
CreateMutexA
SetEvent
InterlockedExchange
HeapDestroy
ReleaseMutex
CreateEventA

advapi32

CopySid
IsValidSid
OpenTraceA
FreeSid
GetAce
GetFileSecurityA
CredReadA
IsTextUnicode
GetLengthSid
GetUserNameA
CloseTrace
CloseEventLog
RegCreateKeyExA
OpenEventLogA
RegFlushKey
LsaFreeMemory
ReportEventA
RegSaveKeyA
CredFree
RegEnumKeyExA
RegQueryValueExA
IsValidAcl
CloseServiceHandle
RegEnumValueA
EqualSid
RegCloseKey
RegQueryInfoKeyA
LsaClose
RegLoadKeyA

wininet

DeleteUrlCacheEntryA
DetectAutoProxyUrl
HttpSendRequestA
HttpQueryInfoA
FindCloseUrlCache

user32

MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a69887302848d6d557e58a249e83aa2

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 522B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 522B

.rsrc
Size: 4KB - Virtual size: 4KB