ce065ef470eda5da59e08db56eb71024_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ce065ef470eda5da59e08db56eb71024_JaffaCakes118
Size

124KB
MD5

ce065ef470eda5da59e08db56eb71024
SHA1

c4ce6a07fe9996aa1c770a48da54cb99641409b6
SHA256

469c1c255bf31ad8799c32aad3a254ef715b99972a0f31dd0e9c92a2f583c019
SHA512

a50d8129d842994974512d70c88e5b50358fa0719a67340be8bde35a8cc03aa4873cfe5fffa9c3059639d6558b1df6b64886d9366ef6a2bd01e126e927308517
SSDEEP

3072:UohuU0NO38w4IYSRerEcXhY6DbI1jkP5eYIL01qyEf:UohuU0NO38wTd4r9qAIqRht1m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce065ef470eda5da59e08db56eb71024_JaffaCakes118

Files

ce065ef470eda5da59e08db56eb71024_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3273cdca03e2d6a68b440e9b861458fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
ReleaseMutex
GetLastError
CloseHandle
CreateMutexA
SetLastError
OpenMutexA
GetModuleFileNameA
CopyFileA
LoadLibraryA
GetVersionExA
GlobalFree
GlobalAlloc
GetTempFileNameA
MultiByteToWideChar
lstrcpyA
GetLocaleInfoA
GetCurrentProcessId
OpenProcess
Sleep
GetModuleHandleA
TerminateProcess
SearchPathA
GetSystemTime
DeleteFileA
GetStartupInfoA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA

advapi32

RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

comctl32

ImageList_Create
ImageList_Add

gdi32

DeleteObject

msvcrt

_itoa
_rmdir
__p__fmode
_except_handler3
__setusermatherr
_initterm
_adjust_fdiv
_acmdln
_XcptFilter
__getmainargs
abs
time
_exit
rand
_strupr
srand
strtol
_findfirst
_stricmp
_findclose
fread
_findnext
__p__commode
__set_app_type
fwrite
fclose
fopen
malloc
free
__CxxFrameHandler
sprintf
_beginthreadex
_endthreadex
_mkdir
strrchr
_chdir
exit
atoi
strcmp
memset
isdigit
strlen
memcpy
??2@YAPAXI@Z
_controlfp
strcpy
??3@YAXPAX@Z
strstr
strcat

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ExtractAssociatedIconA

user32

MessageBoxA
SendMessageA
SetWindowTextA
DispatchMessageA
SetTimer
CreateWindowExA
CreateDialogParamA
TranslateMessage
GetMessageA
GetClassNameA
RegisterWindowMessageA
KillTimer
RegisterClassExA
PeekMessageA
FlashWindow
LoadBitmapA
SendDlgItemMessageA
RedrawWindow
SetWindowPos
DestroyWindow
GetClientRect
PostMessageA
GetWindowRect
SetFocus
MoveWindow
SetCursor
EnableWindow
GetDlgItem
GetWindowTextA
ShowWindow
PostQuitMessage
ReleaseCapture
LoadCursorA
DefWindowProcA
LoadIconA
MessageBeep
EnumWindows

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3273cdca03e2d6a68b440e9b861458fd

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

msvcrt

ole32

shell32

user32

wininet

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 82KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 82KB

.rsrc
Size: 4KB - Virtual size: 3KB