c87da4204d7c324b2e4391f18dc1a97d_JaffaCakes118

General

Target

c87da4204d7c324b2e4391f18dc1a97d_JaffaCakes118
Size

1.0MB
MD5

c87da4204d7c324b2e4391f18dc1a97d
SHA1

cff1e4e91799bc8c569915081ebd5818b05f8777
SHA256

3b622a3c1b151be793a438255cb734446c7e114ccd5993700528b26a6acd214d
SHA512

3a279e1b416a79ec0f99f42d9ed82912489462f5d8b2139f330431c7c474e8bc3d1b45ed47279c414b2bdfea4dd3013f6f373772b993f239c0fa78bac017ae66
SSDEEP

384:xhHvrB4Pwj9staBlJgpk7sFEbE0S8Skhek93pMCumt4zCZ4Bw1:xhzBey4aBlJEFqEZ8vek93DptHZ4W1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c87da4204d7c324b2e4391f18dc1a97d_JaffaCakes118

Files

c87da4204d7c324b2e4391f18dc1a97d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2dd42c77e09b7a7683d784b2aba6d617

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
lstrcmpiA
lstrcpyA
WritePrivateProfileStringA
GetFileAttributesA
LoadLibraryA
lstrcatA
GetPrivateProfileStringA
GetWindowsDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
WriteFile
CreateFileA
FreeLibrary
GetProcAddress
lstrlenA
DeleteFileA
GetCurrentProcess
DuplicateHandle
GetShortPathNameA
GetCommandLineA
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateThread
CreateDirectoryA
MoveFileExA
GetSystemDirectoryA
ExitProcess
GetTickCount

user32

CloseClipboard
EmptyClipboard
OpenClipboard
IsWindow
keybd_event
VkKeyScanA
GetClassNameA
GetWindowTextA
MessageBoxA
wsprintfA
SetClipboardData
GetForegroundWindow
GetWindowLongA

advapi32

OpenProcessToken
LookupPrivilegeValueA

shell32

SHGetSpecialFolderPathA

msvcrt

sprintf
??2@YAPAXI@Z
srand
rand
_strlwr
strstr

netapi32

Netbios

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

ws2_32

htons
inet_addr
connect
socket
WSAStartup
WSACleanup
gethostbyname
gethostname
closesocket

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dd42c77e09b7a7683d784b2aba6d617

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

netapi32

wininet

ws2_32

Sections

.text Size: 32KB - Virtual size: 32KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 8KB - Virtual size: 8KB