a62fabb27e54605d76d34a5f47c046ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a62fabb27e54605d76d34a5f47c046ff_JaffaCakes118
Size

108KB
MD5

a62fabb27e54605d76d34a5f47c046ff
SHA1

59bf081718aa1d08b44d9ebf04daed70a86b72b8
SHA256

b5eef2327116cf2a92df59e1e4cacead000fe0875e757f58c22fb69532a3dd11
SHA512

dc3cbb507903865f0a94020de200a706e10909b6a287620c4acab5faa1bc3bdd9426dcadfb336bb433543517ec6165b1dd52ceee10361f46c9237272566cb7d5
SSDEEP

1536:er4wo3D9VhZ0AuKlySSBYz8+LwEpsTyokOPPTa8cACZQoLt9M:er49T9yNKlyxBYnLuPfcAMQoLty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a62fabb27e54605d76d34a5f47c046ff_JaffaCakes118

Files

a62fabb27e54605d76d34a5f47c046ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

085c137013054fc18838461153bd3bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetLastError
CreateMutexA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
ReadFile
CreateFileA
GlobalDeleteAtom
IsBadCodePtr
IsBadReadPtr
GetCPInfo
FlushFileBuffers
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
GetCurrentThreadId
GetCurrentProcessId
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
WideCharToMultiByte
WriteFile
SetStdHandle
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
TlsGetValue
SetLastError
TlsAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapAlloc
HeapFree
GetLocalTime
ExitProcess
TerminateProcess
HeapReAlloc
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
RaiseException

user32

GetSystemMetrics
PostQuitMessage
SendMessageA
SetWindowPos
MapWindowPoints
GetClientRect
LoadImageA
GetWindowLongA
GetWindowRect
GetWindow
GetParent
PostMessageA
GetActiveWindow
DestroyWindow
IsDialogMessageA
SystemParametersInfoA
MessageBoxA
RegisterWindowMessageA
DispatchMessageA
TranslateMessage
GetMessageA
KillTimer
SetTimer
DialogBoxParamA
SetWindowLongA
CreateDialogParamA
EndDialog
PeekMessageA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen

comctl32

InitCommonControlsEx

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpAddRequestHeadersA

ws2_32

WSAGetLastError
connect
inet_addr
setsockopt
socket
WSAStartup
closesocket
htons

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

085c137013054fc18838461153bd3bee

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

wininet

ws2_32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB