ac0950f62c7131f9801ab3bd820775ee_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ac0950f62c7131f9801ab3bd820775ee_JaffaCakes118
Size

120KB
MD5

ac0950f62c7131f9801ab3bd820775ee
SHA1

2e1ea8d177b9101678e251409053877fe4ccc1bf
SHA256

814e40a88a305f0ee9bc705f1437f04ac9cc401c8d684d0df7432dd0c6389fa9
SHA512

2909c8bc584ae7fb1c0fb9f0c7e619886a802edf27d08c2cf3521e12d569cbfe115d287b83aa2722d05d30dc98670836ad6f44aaf4769d32d7ddb56e4ea85d3e
SSDEEP

3072:GL/DlbeBkYPG0I6ZLtzbSgcgeCpIbUTF6:U7lbeJeGfJD1gH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac0950f62c7131f9801ab3bd820775ee_JaffaCakes118

Files

ac0950f62c7131f9801ab3bd820775ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31fe9f71f61c4e162ae6c6fc9e4c2eae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\WorkBox\WorkBox\Develop\Projects\UnifyLauncherEx\Executable\Release_PH\DebugInfo\LaunchLinker.pdb

Imports

wininet

InternetOpenW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetCrackUrlW

kernel32

SetEndOfFile
CreateFileA
DeleteFileW
SetFileAttributesW
GetLastError
FindClose
FindFirstFileW
GetModuleFileNameW
SetCurrentDirectoryW
Sleep
GetCurrentDirectoryW
WaitForSingleObject
ReadFile
CloseHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
DeleteCriticalSection
FreeEnvironmentStringsA
WriteConsoleA
SetFilePointer
GetLocaleInfoA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
ExitThread
GetCurrentThreadId
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
LoadLibraryA
VirtualAlloc
HeapReAlloc

user32

DialogBoxParamW
PostQuitMessage
EndDialog
MessageBoxW
SetTimer
SetDlgItemTextW
SetWindowPos
GetClientRect
KillTimer
GetSystemMetrics

advapi32

RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

shell32

ShellExecuteExW

shlwapi

PathAddBackslashW

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31fe9f71f61c4e162ae6c6fc9e4c2eae

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 40KB - Virtual size: 77KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 40KB - Virtual size: 77KB