8251d3d5a410fb0c1e4c6cde13e92cb1_JaffaCakes118

General

Target

8251d3d5a410fb0c1e4c6cde13e92cb1_JaffaCakes118
Size

196KB
MD5

8251d3d5a410fb0c1e4c6cde13e92cb1
SHA1

82c0753f3b49a2a6cb5f4e05f72839fb659342ba
SHA256

762435b25778776cc18fe719e49c75bc64ac430e0f4e9f925a7d7d5b42c97070
SHA512

b3ebaec4353d451e813ee7ffb6a4ff05e449d617457be91427dce1268ba415f00f286f626e6db4743b305497ec8590a7f249587ad368bf233fbbc135078c0155
SSDEEP

3072:iTpAog5YvfMkCe3n5RbuKPaOuw1jnXtypmmVim3qwiUC79vJOo9m8Qu86vJS:iTpAogiB3nPuKH73wib9vHQuvvU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8251d3d5a410fb0c1e4c6cde13e92cb1_JaffaCakes118

Files

8251d3d5a410fb0c1e4c6cde13e92cb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19a35526a23a2c26a9e5dc50abe4e0c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
FlushFileBuffers
CreateThread
GetVersion
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
FindNextFileW
GetCommandLineA
FindClose
FindFirstFileW
GetCurrentProcessId
GetProfileStringW
lstrlenW
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetModuleFileNameA
WriteFile
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WideCharToMultiByte
GetTimeZoneInformation
GetProcAddress
UnhandledExceptionFilter
SetEnvironmentVariableA

shlwapi

SHDeleteValueW
PathIsDirectoryW
PathFindExtensionW
PathFileExistsW
StrCmpW
StrDupW
StrToIntW
PathCanonicalizeW

wininet

InternetSetOptionExW
InternetCanonicalizeUrlW
InternetQueryDataAvailable
InternetOpenUrlW
InternetOpenW
HttpQueryInfoW
InternetSetStatusCallbackW
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
InternetCrackUrlW

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19a35526a23a2c26a9e5dc50abe4e0c9

Headers

File Characteristics

Imports

kernel32

shlwapi

wininet

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 88KB - Virtual size: 162KB

.rsrc Size: 4KB - Virtual size: 840B

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 88KB - Virtual size: 162KB

.rsrc
Size: 4KB - Virtual size: 840B