c2a6c6846a8293d40fc20c6e014654ce_JaffaCakes118

General

Target

c2a6c6846a8293d40fc20c6e014654ce_JaffaCakes118
Size

35KB
MD5

c2a6c6846a8293d40fc20c6e014654ce
SHA1

33e1f71665f5d9e2a989e370e3ca2aa4c468de88
SHA256

2578c0e2ab4afa86e9311902a6212aa808c497742727a03fc7d378acc376b1b8
SHA512

01ac24526e5b040f3ce87aeadc92368bacb0251e722f4033ec3feb26e76194107f13250b7f21ac7070d0d9b05f2c06d2548a6cc38722579995dddc36b567eb62
SSDEEP

384:dnZlODOsx6RfBDnPHZrrJ28ijK35MzmkmL2Dryjf0P6EesNZMdIiE076xjhQ6V4a:4YT5HJjdIr8MS3sFptoc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a6c6846a8293d40fc20c6e014654ce_JaffaCakes118

Files

c2a6c6846a8293d40fc20c6e014654ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

450bc1c24252b0f65703fe500bfc9c7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetCrackUrlA
InternetCloseHandle
HttpQueryInfoA
InternetOpenA

shlwapi

PathFileExistsA

ws2_32

closesocket
connect
socket
gethostbyname
WSAStartup
htons

kernel32

Process32First
CreateDirectoryA
FindNextFileA
WritePrivateProfileStringA
GetModuleFileNameA
SetCurrentDirectoryA
GlobalAlloc
GlobalReAlloc
GlobalFree
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
QueryPerformanceCounter
Sleep
GetSystemTime
GetTickCount
MoveFileA
DeleteFileA
GetVersion
Process32Next
GetEnvironmentVariableA
CreateToolhelp32Snapshot
GetWindowsDirectoryA
GetSystemDirectoryA
FindClose
FindFirstFileA
ExitProcess
GetLastError
CreateSemaphoreA
WinExec
GetCurrentDirectoryA
CopyFileA

user32

FindWindowA

advapi32

RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA

shell32

ShellExecuteA

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

450bc1c24252b0f65703fe500bfc9c7d

Headers

DLL Characteristics

File Characteristics

Imports

wininet

shlwapi

ws2_32

kernel32

user32

advapi32

shell32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 752B

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 752B