abf6b6cfdf360693f7672085b96ab904_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abf6b6cfdf360693f7672085b96ab904_JaffaCakes118
Size

120KB
MD5

abf6b6cfdf360693f7672085b96ab904
SHA1

d27cc21773189c3dc326888107162faf3bb962b0
SHA256

a283eb0448acf930f03e8db0e18dd1674e64f483a64aa10ec5f21f434dc646ce
SHA512

f77c83863fefed648acd7c9f702374c3f096858b99da91724b5a286281d58c690dbf3dbb32b89552a55a0c1f6e6b6750a8fd7024a94861995257192dc25b8d5f
SSDEEP

3072:7L/DlbeBkYPG0I6ZLtzbSgcgeCpIbUTF6:X7lbeJeGfJD1gH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abf6b6cfdf360693f7672085b96ab904_JaffaCakes118

Files

abf6b6cfdf360693f7672085b96ab904_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31fe9f71f61c4e162ae6c6fc9e4c2eae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\WorkBox\WorkBox\Develop\Projects\UnifyLauncherEx\Executable\Release_PH\DebugInfo\LaunchLinker.pdb

Imports

wininet

InternetOpenW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetCrackUrlW

kernel32

SetEndOfFile
CreateFileA
DeleteFileW
SetFileAttributesW
GetLastError
FindClose
FindFirstFileW
GetModuleFileNameW
SetCurrentDirectoryW
Sleep
GetCurrentDirectoryW
WaitForSingleObject
ReadFile
CloseHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
DeleteCriticalSection
FreeEnvironmentStringsA
WriteConsoleA
SetFilePointer
GetLocaleInfoA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
ExitThread
GetCurrentThreadId
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
LoadLibraryA
VirtualAlloc
HeapReAlloc

user32

DialogBoxParamW
PostQuitMessage
EndDialog
MessageBoxW
SetTimer
SetDlgItemTextW
SetWindowPos
GetClientRect
KillTimer
GetSystemMetrics

advapi32

RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

shell32

ShellExecuteExW

shlwapi

PathAddBackslashW

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31fe9f71f61c4e162ae6c6fc9e4c2eae

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 40KB - Virtual size: 77KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 40KB - Virtual size: 77KB