886842bd6556ff3e2749bfa9f10c727d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

886842bd6556ff3e2749bfa9f10c727d_JaffaCakes118
Size

165KB
MD5

886842bd6556ff3e2749bfa9f10c727d
SHA1

9005b8d6b4e45b359a4cfe7e28a0477cd797f9ef
SHA256

e4ec09a06ecd801b0040a9cf97da1337524f1e49b51a06586dd6aa2a492e08f3
SHA512

d0acaaddecaa2597d4ae3988fe21c32f3f0b8ccd35ea66460210d3e10065c48f5ab180bb1530519a3da9bf35a2853f272609df573835634f8dc1c2147a645738
SSDEEP

3072:7J1JVq9zzcGlB/1JoZzHo/PRFQ8EGi6X26x7H:7JFq5J7mqFnG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
886842bd6556ff3e2749bfa9f10c727d_JaffaCakes118

Files

886842bd6556ff3e2749bfa9f10c727d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7750b98d79e7639b88221ec1685c6b9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetTempPathA
CreateProcessA
FormatMessageA
CreateThread
_lclose
_lread
CreateFileA
SetThreadLocale
GetVersionExA
GetSystemDefaultLangID
GetProcAddress
LoadLibraryA
DeleteFileA
OpenFile
WriteFile
GetLastError
CreateMutexA
CloseHandle
FreeLibrary
GetModuleHandleA
GetStartupInfoA

user32

LoadCursorA
DefWindowProcA
RegisterClassExA
LoadStringA
LoadImageA
LoadBitmapA
GetMessageA
DispatchMessageA
IsDialogMessageA
DestroyIcon
PostMessageA
SetForegroundWindow
MessageBoxA
SetWindowLongA
GetWindowLongA
ShowWindow
KillTimer
PostQuitMessage
CreateDialogParamA
GetDlgItem
SendMessageA
GetWindowRect
ScreenToClient
CreateWindowExA
SetWindowPos
DestroyWindow
SetTimer
TranslateMessage

gdi32

DeleteObject

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyA

shell32

Shell_NotifyIconA

wininet

InternetConnectA
InternetCloseHandle
InternetReadFile
InternetOpenA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA

atl

ord42

msvcrt

strchr
atoi
??2@YAPAXI@Z
sprintf
__CxxFrameHandler
??3@YAXPAX@Z
strncpy
memmove
__dllonexit
_initterm
__setusermatherr
_adjust_fdiv
__getmainargs
__p__commode
__p__fmode
__set_app_type
_except_handler3
_exit
_XcptFilter
_controlfp
exit
_acmdln
strstr
_strnicmp
_onexit
_stricmp

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7750b98d79e7639b88221ec1685c6b9d

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

wininet

atl

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 140KB - Virtual size: 140KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 140KB - Virtual size: 140KB