a11e98d32e940ae35c8fd8524e4cbbbd_JaffaCakes118

General

Target

a11e98d32e940ae35c8fd8524e4cbbbd_JaffaCakes118
Size

11KB
MD5

a11e98d32e940ae35c8fd8524e4cbbbd
SHA1

cf66286e923c96a1cb6f63bf2540127ddff17237
SHA256

2930707dbc4022676dc70a5e18fa34e081d0c3c1be61d10d665ff083273fb663
SHA512

bc8e453e2d8dc96fcaed824a7c649339f61c45b119b3bc5cd41ad0e347139904ca8d52a96b2a1176729de3f28c324f8617a02701efe6ec83c5913e97e308b19a
SSDEEP

192:VWscq+U+PpEvrucMhBz4nQIlypyktMPcUnnbQlgoa:QsUNEvruccknQ3pykePcUnnbQl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a11e98d32e940ae35c8fd8524e4cbbbd_JaffaCakes118

Files

a11e98d32e940ae35c8fd8524e4cbbbd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8347bd4f903b954e54752276df9b018

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpOpen
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpOpenRequest
WinHttpSendRequest
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpCrackUrl

kernel32

HeapAlloc
GetProcessHeap
HeapFree
ReadFile
CloseHandle
WriteFile
GetLocalTime
CreateFileW
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
MultiByteToWideChar
GetTempPathW
MoveFileExW
CopyFileW
GetSystemDirectoryW
ExitProcess
GetCommandLineW
LockResource
LoadResource
FindResourceW
GetModuleHandleW
Sleep

advapi32

CloseServiceHandle
ChangeServiceConfig2W
SetServiceStatus
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
OpenServiceW
StartServiceW
OpenSCManagerW
CreateServiceW

shell32

CommandLineToArgvW
ShellExecuteW

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8347bd4f903b954e54752276df9b018

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

kernel32

advapi32

shell32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 568B

.rsrc Size: 1024B - Virtual size: 540B

.reloc Size: 1024B - Virtual size: 592B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 568B

.rsrc
Size: 1024B - Virtual size: 540B

.reloc
Size: 1024B - Virtual size: 592B