69e22e3598750b4bc5a649e6c36436cb_JaffaCakes118

General

Target

69e22e3598750b4bc5a649e6c36436cb_JaffaCakes118
Size

36KB
MD5

69e22e3598750b4bc5a649e6c36436cb
SHA1

0eaa061b1c81c8401c961fc46a39ecb6085268bf
SHA256

de9419e6cb45c4c813ef160ec9a66fb21d6edec6419eaafc301c38b7f7615f1d
SHA512

1bd63f015a3faf1ec323aea683bbbadc88c4dfa45f06edba61dfecf108360422bd447929ef6d6823415a791e23e4efd0ef68140328d6f68a1fe06b87e63ca02f
SSDEEP

768:QtJECTEfJ0C+pjnbqhu+Ov0JAN2LisKJoU:QtiX+pjnbqLOvIAMis6oU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69e22e3598750b4bc5a649e6c36436cb_JaffaCakes118

Files

69e22e3598750b4bc5a649e6c36436cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c37d6fb360da1004f1dc027db08e54c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle

kernel32

LoadLibraryA
GetProcAddress
OutputDebugStringA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
WinExec
HeapReAlloc
VirtualAlloc
HeapAlloc
SetStdHandle
GetACP
GetCPInfo
SetFilePointer
GetLastError
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
LCMapStringA
FlushFileBuffers
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetOEMCP
GetModuleHandleA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CloseHandle
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy

user32

KillTimer
PostQuitMessage
SetTimer
SendMessageA
BeginPaint
EndPaint
DefWindowProcA
LoadCursorA
LoadIconA
RegisterClassA
CreateWindowExA
ShowWindow
GetMessageA
DispatchMessageA
TranslateMessage

gdi32

GetStockObject
TextOutA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c37d6fb360da1004f1dc027db08e54c

Headers

File Characteristics

Imports

urlmon

wininet

kernel32

user32

gdi32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 12KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 12KB