a964c4778ab4ed0bc1b230fb69d259b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a964c4778ab4ed0bc1b230fb69d259b9_JaffaCakes118
Size

10KB
MD5

a964c4778ab4ed0bc1b230fb69d259b9
SHA1

5cbb62bd6a69669988740921d5a64df5348d77b7
SHA256

445027723104906432f34cfdc701f8a2c6e16090f892f6bfe72f2f550935e879
SHA512

1014db0eb17bab2a050e69d2aeb9209392716b052b1f9821f5ad8c1ba61b6126edf51af9eedebd8a2616260f81647c387d31f6ce3403835024a7bf6954f47d3f
SSDEEP

96:0PobsDaqnacDh5SGCmL7bidDaDjujcj0Lpi6KmCBAY+:0gbWfamh4wLga/gcj0I6rCBD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a964c4778ab4ed0bc1b230fb69d259b9_JaffaCakes118

Files

a964c4778ab4ed0bc1b230fb69d259b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4553e2caace4ae4609a9a7bfe58fb03f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

kernel32

CopyFileA
DeleteFileA
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetTempPathA
HeapAlloc
HeapFree
OpenProcess
ReadProcessMemory
SetPriorityClass

user32

FindWindowA
GetWindowThreadProcessId
MessageBoxA

cc3260

@_InitTermAndUnexPtrs$qv
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
__argc
__argv
__argv_default_expand
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_memcpy
_sprintf
_strcmp

urlmon

URLDownloadToFileA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4553e2caace4ae4609a9a7bfe58fb03f

Headers

File Characteristics

Imports

advapi32

kernel32

user32

cc3260

urlmon

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 1KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB