a4a33f44d556d06cd73c4536f26386a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a4a33f44d556d06cd73c4536f26386a5_JaffaCakes118
Size

64KB
MD5

a4a33f44d556d06cd73c4536f26386a5
SHA1

92bfe9b144a9fb883af232fe49f4d89273cbecab
SHA256

f2ead9a670363ce95afe7d1ea1232aa2870febf56b0750e4fe99b9979ef9296a
SHA512

d330868562f30175eefd4db959ddcd24c459aa6c0f2445861c644b93ea5f83d5c9b00bb7fe964250d6113c7fb0ee4f4d04441e69cbc9d07ac4c102261f811084
SSDEEP

768:r8EFYwBk2h03ts5lNeezF4VLY47Z++LEJeZeANQgO2b1MjjH+SGDot5ay1peY1W3:IEFYwWy5w641ZeANQgOi6H+Zo9F9Vu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4a33f44d556d06cd73c4536f26386a5_JaffaCakes118

Files

a4a33f44d556d06cd73c4536f26386a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c579b9b12cf028d8cf9d8a45ba344f22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
CreateProcessA
CreateFileA
GetTempFileNameA
GetTempPathA
GetModuleHandleA
SystemTimeToFileTime
GetSystemTime
GetVolumeInformationA
GetWindowsDirectoryA
lstrcmpiA
WriteFile
LCMapStringW
LCMapStringA
ReadFile
FindClose
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
GetLastError
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
RemoveDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
GetCurrentDirectoryA
Sleep
FindFirstFileA
CreateDirectoryA
CopyFileA
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
ExitProcess
FlushFileBuffers

user32

SendMessageA
MoveWindow
GetSystemMetrics
GetWindowRect
FindWindowA
GetDlgItem
MessageBoxA
DialogBoxParamA
SetWindowTextA
PostMessageA
EndDialog
DefWindowProcA
SystemParametersInfoA
KillTimer
PostQuitMessage
CreateWindowExA
SetTimer
LoadIconA
LoadCursorA
RegisterClassExA
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteA

wininet

InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetQueryOptionA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c579b9b12cf028d8cf9d8a45ba344f22

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 7KB