8d44a1dc87c9ae9d07c48ec37dd58568_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d44a1dc87c9ae9d07c48ec37dd58568_JaffaCakes118
Size

728KB
MD5

8d44a1dc87c9ae9d07c48ec37dd58568
SHA1

658f0402e4b79eab18a7de579abd1b84b08da1e4
SHA256

3b56d425f23b78268452f8cc5cc6d7f8789e14081b0d95c1d0ab22580a78cbdd
SHA512

1c3ac4ac13e32e197d883714b6c9621e45b5dcc2e69e3da5449c10559c764f273255134f4491d96e41275b04b278af111d170f7348a0f65afc803a4a00014d6f
SSDEEP

12288:3qFrL9FP3PhW4mAMrm9IVwnKVEhYRAuZrY4N/1gq7pJ6:crXpVrownKeYo4d1gIn6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d44a1dc87c9ae9d07c48ec37dd58568_JaffaCakes118

Files

8d44a1dc87c9ae9d07c48ec37dd58568_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75163529395fcdcf869f851819a45b14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CloseHandle
FindResourceW
WaitForSingleObject
CreateProcessW
MoveFileW
GetFileAttributesW
GetSystemDirectoryW
GetLastError
CreateMutexW
BeginUpdateResourceW
CopyFileW
GetSystemDirectoryA
WriteFile
CreateFileW
GetLongPathNameW
GetTempPathW
LoadResource
LockResource
UpdateResourceW
EndUpdateResourceW
WideCharToMultiByte
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetCPInfo
RaiseException
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
DeleteFileW
HeapFree
HeapReAlloc
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
SizeofResource
RtlUnwind
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
CreateFileA
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
GetProcAddress
UnhandledExceptionFilter
GetCommandLineA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
SetStdHandle
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr

user32

KillTimer
MessageBoxW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
SetTimer
wsprintfW

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

ShellExecuteW

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 644KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75163529395fcdcf869f851819a45b14

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 644KB - Virtual size: 642KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 644KB - Virtual size: 642KB