8956a0065153e7024ddb65aee02e9e67_JaffaCakes118

General

Target

8956a0065153e7024ddb65aee02e9e67_JaffaCakes118
Size

160KB
MD5

8956a0065153e7024ddb65aee02e9e67
SHA1

9e1ff2570634ea70e88a2ecb122b0cb86beb71ea
SHA256

71d107d6911393054489fdcf5d467c03a0d0389cc009f5ebb65b2a7e2b69fffc
SHA512

a20af24579e7ea5c5a208d899d76f9bc592c80c4582b7fe19f6edb644fbac691e87cfbf18eb7b9ceeecc190ac6c96dd0bf35ec44371292c02d506fc1244d50a2
SSDEEP

3072:SwE0Z1qvg5FgfjgbRAAWNYSbUiEGbipv1AeR7pN6yPmWY2Fqh2Ixx:SwnN5FkHAuI5GejvRVNqWYx2Ij

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8956a0065153e7024ddb65aee02e9e67_JaffaCakes118

Files

8956a0065153e7024ddb65aee02e9e67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a974a1f3896b587427e010243b5cdfed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
GetSystemTime
QueryPerformanceCounter
GetLocalTime
MoveFileExW
CreateFileW
GetModuleHandleW
GetDateFormatW
SizeofResource
HeapCompact
HeapCreate
HeapFree
HeapAlloc
GetCurrentThreadId
GetProfileStringW
lstrlenW

shlwapi

StrToIntW
SHRegCreateUSKeyW
PathQuoteSpacesW
SHRegCloseUSKey
SHDeleteKeyW
StrCmpW
StrCmpIW
StrStrIW
SHRegWriteUSValueW

wininet

InternetCanonicalizeUrlW
InternetQueryDataAvailable
InternetOpenUrlW
InternetOpenW
HttpQueryInfoW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
InternetCrackUrlW
InternetGetLastResponseInfoW

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__p___winitenv
exit
_XcptFilter
_exit
_wcsdup
_onexit
localtime
malloc
free
fopen
fseek
fwrite
fclose
wcslen

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a974a1f3896b587427e010243b5cdfed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

wininet

msvcrt

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 96KB - Virtual size: 427KB

.rsrc Size: 4KB - Virtual size: 816B

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 96KB - Virtual size: 427KB

.rsrc
Size: 4KB - Virtual size: 816B