b964dca0799c9d65efe8a3c1fa30b738_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b964dca0799c9d65efe8a3c1fa30b738_JaffaCakes118
Size

4.6MB
MD5

b964dca0799c9d65efe8a3c1fa30b738
SHA1

d82da7bdfeba16ac8e9749afac3a89b018ee51cc
SHA256

8a6d639199af61f5a73ff323c3f9a4adca92ee2ed004ec0f30e6f33183b04673
SHA512

75893d872b1d7ebcacc9529a6d4a313c5b06fb023f69681549439558421c63a7b3d576fe69880757ba0e770031651d6b1acd011c25e2c328e60393ceb282626b
SSDEEP

98304:jm4HvfTvHebZ4K1Qr6rhw7Q8GhBxX44tCOC7gK0:jmwHT0X1KA6QtXhCO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b964dca0799c9d65efe8a3c1fa30b738_JaffaCakes118

Files

b964dca0799c9d65efe8a3c1fa30b738_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fda405d95b8151adaacde3e8dc5d4fc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

GetKeyboardType
MessageBoxA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

FindNextUrlCacheEntryA

urlmon

URLDownloadToFileA

winmm

timeGetTime

wsock32

WSACleanup

Sections

CODE
Size: - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.vmp2
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda405d95b8151adaacde3e8dc5d4fc4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

ole32

comctl32

shell32

wininet

urlmon

winmm

wsock32

Sections

CODE Size: - Virtual size: 565KB

DATA Size: - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: - Virtual size: 10KB

.tls Size: - Virtual size: 16B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 35KB

.rsrc Size: 5KB - Virtual size: 7.2MB

.vmp1 Size: - Virtual size: 265KB

.vmp2 Size: 4.6MB - Virtual size: 4.6MB

.reloc Size: 512B - Virtual size: 252B

CODE
Size: - Virtual size: 565KB

DATA
Size: - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 35KB

.rsrc
Size: 5KB - Virtual size: 7.2MB

.vmp1
Size: - Virtual size: 265KB

.vmp2
Size: 4.6MB - Virtual size: 4.6MB

.reloc
Size: 512B - Virtual size: 252B