b6cbf93aa39caa84f1bf6b73d8152143_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6cbf93aa39caa84f1bf6b73d8152143_JaffaCakes118
Size

93KB
MD5

b6cbf93aa39caa84f1bf6b73d8152143
SHA1

2ae3d27ef1ed19d94c59699aca821bae6921a15d
SHA256

6a27be88de918b2b5ea464066210c1cb0ef2469bec989ab54a6e59dfd83d7911
SHA512

75e4601a06ca2c5a263640883ffdc261dfe2d2a7ac130613a4472b0319932e0dc8086f8316b2f4e42e5bcdf530e404f6c990c980ca7bb3a60503b27fca6f4f94
SSDEEP

1536:ZjPGJEowtRLa+EK1KBZhfi/mlMK0OMDjzHLGRXkFAilu5lrM:ZrNRLN1x+lA7rLnu5lrM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6cbf93aa39caa84f1bf6b73d8152143_JaffaCakes118

Files

b6cbf93aa39caa84f1bf6b73d8152143_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b99c9f2c11b9e45ca0c5856c1bce883d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
gethostbyname

wininet

HttpOpenRequestA
InternetOpenA
InternetCloseHandle
HttpAddRequestHeadersA
InternetReadFile
InternetConnectA
HttpSendRequestA
HttpQueryInfoA

kernel32

QueryPerformanceCounter
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetOEMCP
GetFileAttributesExA
Sleep
GetFileAttributesA
GetModuleFileNameA
FreeLibrary
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetLastError
FileTimeToSystemTime
SystemTimeToFileTime
GetTempPathA
CloseHandle
CreateProcessA
GetTickCount
SetFileAttributesA
CreateDirectoryA
lstrcmpiA
GetVersionExA
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
CreateFileA
FlushFileBuffers
SetStdHandle
SetEndOfFile
HeapSize
CompareStringA
CompareStringW
GetTempFileNameA
MoveFileA
InterlockedExchange
RtlUnwind
InitializeCriticalSection
HeapFree
HeapAlloc
DeleteFileA
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
CreateThread
FindClose
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
SetEnvironmentVariableA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetFullPathNameA
GetCurrentDirectoryA
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery

user32

RegisterClassExA
wsprintfA
SetForegroundWindow
PostQuitMessage
PostMessageA
SendMessageA
DefWindowProcA
GetMessageA
DispatchMessageA
CreateWindowExA
FindWindowA
IsIconic
ShowWindow

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

ole32

CoCreateGuid
StringFromGUID2

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b99c9f2c11b9e45ca0c5856c1bce883d

Headers

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

advapi32

ole32

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 16B