d11a59f9092033126248094805f9f69e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d11a59f9092033126248094805f9f69e_JaffaCakes118
Size

24KB
MD5

d11a59f9092033126248094805f9f69e
SHA1

8963eafd74929d6da225ed8edfdf1cb934a0f52e
SHA256

f0d95bb711adb0b754879e46c51651bf80b026f4734fc17f23178f202d22f0d6
SHA512

16bf6f86e51ed80fedea8e9df897e681a9803f74a0d1fb8e068782c48e3b11afa724975c780a152e9c3e222cf879788bfe073adf0db6876074236b7bb9d3c1c4
SSDEEP

384:UqOf7BleZYG/o/GLKJQdKfAXWgPXMFX+KIACjpQOfy4/HRj74VkpY7sQn4wSM0wU:S7HG/o/GLKn52XMFX+/nTpVaSzwlZ6Jv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d11a59f9092033126248094805f9f69e_JaffaCakes118

Files

d11a59f9092033126248094805f9f69e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

350da13e865411c197ee84e4c75802e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strlen
strncpy
strcpy
strcat
localtime
mktime
gmtime
_strnicmp
memcpy

user32

wsprintfA
GetAsyncKeyState
GetForegroundWindow
GetWindowTextA
wvsprintfA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
OpenClipboard
EmptyClipboard
CloseClipboard
GetClipboardData
SetClipboardData

advapi32

GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

wsock32

closesocket
WSACleanup
WSAStartup
gethostname

wininet

InternetGetConnectedState
InternetOpenA
InternetConnectA
FtpPutFileA
InternetCloseHandle

comctl32

InitCommonControls

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
OpenProcess
TerminateProcess
CloseHandle
GetModuleFileNameA
Sleep
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatus
HeapDestroy
HeapReAlloc
FreeLibrary
GetProcAddress
HeapAlloc
LoadLibraryA
IsBadReadPtr
HeapFree
GlobalAlloc
GlobalFree
TerminateThread
CreateThread
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
GetTickCount
GetVersionExA
FindFirstFileA
FindClose
DeleteFileA
CopyFileA
CreateFileA
ReadFile
SetFilePointer
GetFileSize
WriteFile
GetLocalTime
GlobalLock
GlobalUnlock

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

350da13e865411c197ee84e4c75802e0

Headers

File Characteristics

Imports

crtdll

user32

advapi32

wsock32

wininet

comctl32

kernel32

shell32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 5KB

.flat Size: 512B - Virtual size: 334B

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 5KB

.flat
Size: 512B - Virtual size: 334B