bbbda5437293eb6921b49f6984279d8b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bbbda5437293eb6921b49f6984279d8b_JaffaCakes118
Size

126KB
MD5

bbbda5437293eb6921b49f6984279d8b
SHA1

06133648c135f859bf5d843a566f572bedf913aa
SHA256

6cfbc03f002cab050b270998e5b7b4029c011f042a23f8c1822b4ee9b6e31eb6
SHA512

db8a4b8058af554ed3892d7f6647b2a3127dbef9b146fbfa11991c1135dffdad1edd5620bef6a4bd5bdccfc9a3332169ae11d893e53a2c8f0858a6e8107f0860
SSDEEP

3072:70ivWKvoQXDnoGFoEgMGYbuf7/IrxffNZUZF:oiooXFoEgdYij/AZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbbda5437293eb6921b49f6984279d8b_JaffaCakes118

Files

bbbda5437293eb6921b49f6984279d8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

465fcb3e798b27714a605940b1a78514

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
EnumResourceTypesA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
InterlockedIncrement
LocalAlloc
ReadFile
RtlUnwind
SetCurrentDirectoryA
SetLastError

advapi32

RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

wininet

InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetOptionExA

user32

SetFocus
MessageBoxA
EnableMenuItem
DrawIcon
DeleteMenu
wsprintfA

shell32

SHGetMalloc
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
SHGetPathFromIDListA
SHGetFileInfoA
SHGetDesktopFolder
SHFileOperationA
SHBindToParent

shlwapi

PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathIsDirectoryA
PathCompactPathExA
PathIsRootA
PathUnquoteSpacesA
SHAutoComplete
PathCanonicalizeA
PathAppendA
PathQuoteSpacesA

imm32

ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmSetCompositionFontA
ImmSetCompositionWindow

msvcrt

memset
strlen
strstr
sscanf
_except_handler3

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.idata
.rdata
.rsrc/0/version.txt
.rsrc/1033/GROUP_ICON/103
.rsrc/1033/ICON/1.ico
.rsrc/1033/ICON/2.ico
.rsrc/1033/ICON/3.ico
.rsrc/1033/ICON/4.ico
.rsrc/1033/ICON/5.ico
.rsrc/1033/ICON/6.ico
.rsrc/1033/MANIFEST/1
.xml
.text

Sharing

General

Malware Config

Signatures

Files

465fcb3e798b27714a605940b1a78514

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

shell32

shlwapi

imm32

msvcrt

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 22KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 22KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB