a12ce23af7bc2702493f2a56a520f202_JaffaCakes118

General

Target

a12ce23af7bc2702493f2a56a520f202_JaffaCakes118
Size

48KB
MD5

a12ce23af7bc2702493f2a56a520f202
SHA1

2bb3196aeed731f3de31699629ae24dc2ad1e7d8
SHA256

2a9c0f0a8335c9d63a8e22636cc77dc0a72b387558866b5de7d3ed4df3e204db
SHA512

7b8bc361c8d5ac6771a352d11ddb488900262d7a896a63e3c388c8393ceb5ecf99952bb356eb546567899469d607526f6b8f4f380734ad5edc2f7c5db3a8969b
SSDEEP

768:3vVrKmQvFzZNyekF9O8gPtuJwIHYQ6VSAEJxLiqwLPl:3v8mm7AOVPtsnB6gA+Ul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12ce23af7bc2702493f2a56a520f202_JaffaCakes118

Files

a12ce23af7bc2702493f2a56a520f202_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ea82edc92bb55c12e7d413268367e70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageA
MessageBoxA

advapi32

RegGetKeySecurity
RegOpenKeyExA

wininet

InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetSetOptionA
InternetCloseHandle
InternetOpenUrlA

kernel32

VirtualProtect
GetSystemInfo
GetVersionExA
GetLocaleInfoA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetVolumeInformationA
CreateDirectoryA
OpenProcess
GetFileTime
GetProcessPriorityBoost
GetSystemDirectoryA
GetStartupInfoA
GetFileType
GetEnvironmentVariableA
LoadLibraryA
CloseHandle
OpenMutexA
CreateMutexA
CreateFileA
CreateProcessA
WriteFile
ExitProcess
GetTickCount
DeleteFileA
Sleep
CopyFileA
GetModuleFileNameA
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
RtlUnwind
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapSize
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
SetStdHandle

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ea82edc92bb55c12e7d413268367e70

Headers

File Characteristics

Imports

user32

advapi32

wininet

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB