a555ed4e15f9cb6b8edb63c38946561f_JaffaCakes118

General

Target

a555ed4e15f9cb6b8edb63c38946561f_JaffaCakes118
Size

68KB
MD5

a555ed4e15f9cb6b8edb63c38946561f
SHA1

18bad48dbd90eabc9456c2a3db498ae526dab0c5
SHA256

f19392966be530edf1e44d528e16b6c3c65152736df2cf5af77b3876f8291a02
SHA512

9db661be4f3f061221542ab11011d2cd282b75b8a35e20b521d18363aafa7fb1cf68a11ad87459de25b24e8fd2532634767022db514ddc26fc3de94f6bb1627c
SSDEEP

768:JRp03m79o2/88fYOHQFsvX+XeYqaTgO4nWN8UMHZ+euVxiB9qOIVuieJ6/vBl0AG:JRpUm7Wnec+CEWNBY8R6IVuieNoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a555ed4e15f9cb6b8edb63c38946561f_JaffaCakes118

Files

a555ed4e15f9cb6b8edb63c38946561f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26e15dfa2fe63ebe99d7e5a36a4a8519

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
VirtualAlloc
IsBadCodePtr
GetCPInfo
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
IsBadWritePtr
Sleep
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
GetProcAddress
HeapAlloc
HeapFree
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion

user32

wsprintfA
ReleaseDC
OpenClipboard
GetWindowTextA
GetWindowRect
CloseClipboard
EmptyClipboard
GetDC
GetClassNameA
IsWindowVisible
ShowWindow
SendMessageA
EnumWindows
GetClipboardData

gdi32

CreateBitmapIndirect
CreateCompatibleDC
SelectObject
DeleteObject
GetPixel

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyA

ole32

CoCreateInstance
OleUninitialize
OleInitialize

oleaut32

VariantClear
SysStringByteLen
VariantInit
SysAllocString
SysFreeString

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

shlwapi

SHDeleteKeyA
SHSetValueA

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26e15dfa2fe63ebe99d7e5a36a4a8519

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

shlwapi

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 13KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 13KB