78a0554d42bddffd665fbf987e7126fb_JaffaCakes118

General

Target

78a0554d42bddffd665fbf987e7126fb_JaffaCakes118
Size

21KB
MD5

78a0554d42bddffd665fbf987e7126fb
SHA1

17e224ba299b3b8be2e92d0dbed8e64111c5f751
SHA256

293b26a32b20a9447a0c7d91e5ac90294edd6479aa122314c9b0b7f9dcf8dbfb
SHA512

d3ae43ad52c95b0623768c93782f358be9df20e730c39311fd4dff3b61b3b534edd1447de40c1b914318f3f1ce36670f9e1d794081f1f90b87780462d04a3a34
SSDEEP

384:QgEHvLG0UbQiVMF+wgEgAgtgc7gxgbgogDgYgbgQg1gTgBgpg+MwqJeLSXd/cidK:QHHvLGTbQiVMF+wgEgAgtgc7gxgbgogd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78a0554d42bddffd665fbf987e7126fb_JaffaCakes118

Files

78a0554d42bddffd665fbf987e7126fb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4c108e174ff1a6b384f8ac0df7b4a403

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
GetTempFileNameA
GetTempPathA
MulDiv
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
DeleteFileA
WaitForMultipleObjects
WaitForSingleObject
CreateEventA
HeapAlloc
OutputDebugStringA
GetModuleFileNameA
InterlockedExchange
RtlUnwind
SetCurrentDirectoryA
lstrlenA
CreateProcessA
GetLastError
GlobalAlloc
lstrcpynA
lstrcpyA
SetFilePointer
VirtualQuery
GlobalFree

user32

MessageBoxA
SetDlgItemTextA
SetWindowLongA
RegisterWindowMessageA
wsprintfA
SendMessageA
FindWindowExA
GetDlgItem
GetFocus
CloseWindow
GetParent
ArrangeIconicWindows
CharLowerBuffA
ShowOwnedPopups
GetWindowRect
CallWindowProcA
DestroyWindow
IsWindowVisible
ShowWindow
GetClientRect
CreateWindowExA
GetWindowLongA
EnableWindow
SetWindowTextA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegEnumValueA
RegQueryValueExA

wininet

InternetConnectA
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetSetFilePointer
InternetCrackUrlA
FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
HttpOpenRequestA
HttpSendRequestA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

download
getidex
skipcomponents

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c108e174ff1a6b384f8ac0df7b4a403

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

version

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 612B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 612B

.reloc
Size: 2KB - Virtual size: 1KB