82636b91a06f19e8c60b8a78083d8828_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

82636b91a06f19e8c60b8a78083d8828_JaffaCakes118
Size

105KB
MD5

82636b91a06f19e8c60b8a78083d8828
SHA1

451fea4471a4673cb4b382c5a37da84cfa1c2b25
SHA256

563b934ff4c62ea73b66c4367eaa350183a07b6fcce80ebe8fadfdc686b50745
SHA512

e218c7020e9a24a6fa6606e6004bba16e7f9af56c30d3a5be1328119820514ba0649697e928f9cc93a7403f05f85bb25f3748a362c3cd2dbbf50be7f3d15b915
SSDEEP

1536:m/RyAUNuOz/SySRi7JvrI0wigSVXAEKKCVevpHM:yQ2Oz6PI7trlHJXNCb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82636b91a06f19e8c60b8a78083d8828_JaffaCakes118

Files

82636b91a06f19e8c60b8a78083d8828_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f8741afa56382c563f0457de05700454

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA
PathCommonPrefixW
UrlCompareA
PathCompactPathA
PathCompactPathExA
PathCanonicalizeA
PathAddBackslashA
PathAppendW
PathCompactPathW
PathIsContentTypeA
UrlCombineA
PathFindOnPathA
PathCanonicalizeW
PathIsContentTypeW
PathGetCharTypeA
PathAddBackslashW
UrlCombineW
UrlCompareW
PathCommonPrefixA
PathCompactPathExW

kernel32

GetSystemInfo
GetModuleFileNameA
FindNextFileA
OpenEventA
WriteProfileSectionW
SetFileAttributesW
GetSystemTime
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
OpenEventW
FindNextFileW
CreateMutexA
OpenFileMappingW
GetModuleHandleA
ExitProcess
GetCommandLineW
CreateFileA
GetFileSize
SetEndOfFile
FindResourceW
SetFilePointerEx
GlobalSize
GlobalLock
GetModuleHandleW
GetPrivateProfileStringW
FormatMessageA
GetCommandLineA
GlobalAlloc
Sleep
CopyFileW
GetVersionExW
CreateProcessA
ReadFile
GetModuleFileNameW
CreateFileW
lstrcatA
GlobalUnlock
GetTempPathW
GetPrivateProfileIntW
GlobalUnfix
DeleteFiber
GetFileSizeEx
FindFirstFileA
OpenMutexW
GetProcAddress
VirtualAlloc
MoveFileW
ReadFileEx
FindClose
GetPrivateProfileStringA
LoadLibraryA
OpenMutexA
GetFileType
MoveFileA

user32

GetDlgItem
ReleaseDC
GetClassNameW
CreateWindowExA
GetWindowTextW
SetCursorPos
MessageBoxA
MapVirtualKeyA
TrackPopupMenuEx
DefWindowProcA
GetClientRect
FindWindowW
WindowFromPoint
LoadBitmapA
KillTimer
TrackPopupMenu
RegisterClassExA
GetWindowRect
SetTimer
SetWindowRgn
MapVirtualKeyW
EndPaint
GetDesktopWindow
SetWindowPos
ShowWindow
IsWindow
MessageBoxW
GetDlgItemTextW
UpdateWindow
EnableWindow
CallWindowProcW
FindWindowA
CallWindowProcA
BeginPaint

advapi32

RegCloseKey

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8741afa56382c563f0457de05700454

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 512B - Virtual size: 220B

.reloc Size: 1024B - Virtual size: 806B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 512B - Virtual size: 220B

.reloc
Size: 1024B - Virtual size: 806B