a3233dba3de986fd624946365f110fea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3233dba3de986fd624946365f110fea_JaffaCakes118
Size

20KB
MD5

a3233dba3de986fd624946365f110fea
SHA1

16d1f7d509a7783699447ba60afd36a5f7e123e5
SHA256

fd01c78bb75a813607da9e3ac412f193d51d621f8b70c8ac18387026dbaed584
SHA512

c426921f7fa57293fbf253ef35bde286d57f3be02cecae6a72ec4bceab54952c71ae46bfd62453d37b520cc59cdd3a4955f5629d1e8bfccdc0f3c3a50f278ef2
SSDEEP

384:UlmpvQOVNgFY6Y+aBwdqxgUTdKG5BTQNeQKGamfVaban6N:NoO36laBoMc8BQwQXaoVwans

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3233dba3de986fd624946365f110fea_JaffaCakes118

Files

a3233dba3de986fd624946365f110fea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

056e926fd5811cc86675b8309ca2f44c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIfEntry
GetIpAddrTable

wsock32

WSACleanup
WSAStartup
gethostbyaddr

wininet

InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetCloseHandle
InternetSetCookieA
InternetOpenA
HttpQueryInfoA

urlmon

URLDownloadToFileA

shlwapi

StrStrA
StrRChrA
StrChrA
StrCmpNIA

shfolder

SHGetFolderPathA

kernel32

LocalFree
MoveFileA
GetModuleHandleA
GetCommandLineA
lstrcmpiA
GetTickCount
ExitProcess
OpenMutexA
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
CopyFileA
lstrcmpA
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteFileA
GetVolumeInformationA
SetEvent
CreateEventA
UnmapViewOfFile
CloseHandle
MapViewOfFile
CreateFileMappingA
GetVersionExA
WriteFile
GetLastError
SetFilePointer
GetFileSize
CreateFileA
ReadFile
GetModuleFileNameA
OutputDebugStringA
lstrcpyA
lstrlenA
LocalAlloc
GetProcAddress
LoadLibraryA
TerminateProcess
OpenProcess
lstrcatA
lstrcpynA
FreeLibrary
GetTempPathA
Sleep

user32

LoadStringA
wsprintfA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA

shell32

ShellExecuteA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

056e926fd5811cc86675b8309ca2f44c

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

wsock32

wininet

urlmon

shlwapi

shfolder

kernel32

user32

advapi32

shell32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB