81f38c19c4b1decb738f975c5b9c09a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

81f38c19c4b1decb738f975c5b9c09a1_JaffaCakes118
Size

48KB
MD5

81f38c19c4b1decb738f975c5b9c09a1
SHA1

19c9713b4d55e93daf30caf7b99b1009c62789d8
SHA256

71ce0b8efee8ff1759e274e04ff9368fc4d4b3c6c6988e72d9f15ed58cfb598b
SHA512

17f97e3dff6c045d6b8a849c7f8dec4b043814d62eb25700cb53074d04b94e9524188777eba3b330f9c904c613f188c06a66f84a0c5ca829534be162d1bed743
SSDEEP

768:ZYY17YzUeJ2F7gqp3u/rD9X3S4RtlUivyN7FZ4nGo8:Zv17Y7/ln9XC4RtHahFZ4Go8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81f38c19c4b1decb738f975c5b9c09a1_JaffaCakes118

Files

81f38c19c4b1decb738f975c5b9c09a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1161adb7fc366ff1864d0a14cfa164e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetQueryDataAvailable
InternetOpenA
InternetReadFile
InternetConnectA
HttpOpenRequestA
HttpSendRequestA

kernel32

OpenProcess
GetSystemDirectoryA
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
CloseHandle
WriteFile
CreateFileA
IsBadCodePtr
IsBadReadPtr
ReadFile
GetExitCodeProcess
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetFilePointer
SetUnhandledExceptionFilter
HeapSize
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FlushFileBuffers
TerminateProcess
GetProcAddress
VirtualAlloc
LoadLibraryA
SetEndOfFile
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
RaiseException
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
LocalFree
RtlUnwind
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess

user32

LoadIconA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
DefWindowProcA
FindWindowA
GetWindowThreadProcessId
KillTimer
PostQuitMessage
SetTimer
LoadCursorA
RegisterClassA
DispatchMessageA

gdi32

GetStockObject

advapi32

RegOpenKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA

ole32

CoUninitialize
OleRun
CoCreateInstance
CoInitialize

oleaut32

VariantClear
VariantInit
SysAllocString
GetErrorInfo
SysFreeString

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1161adb7fc366ff1864d0a14cfa164e4

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 525KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 525KB