d1d20d26fe738cbb4a6ba984410eef17_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1d20d26fe738cbb4a6ba984410eef17_JaffaCakes118
Size

16KB
MD5

d1d20d26fe738cbb4a6ba984410eef17
SHA1

887eab0afe5eef5ba87188849fe23e291488b63a
SHA256

d5dcbfa5ce58d8b4a7314d8b66a4edaac659385862da723f2fe8d6bf55e959f8
SHA512

41b61b619dd03693624a811a587d207eb35dcb13b90595a5f5347d62b4c8738bdce3ff29c26ba7e1752a1f353c308786cb2b491c44225622720c9deca0ab7338
SSDEEP

96:Ap09gx8tH+zfDJpjGjqljAhDjNfnBRIDqnLX5eJ7cqvNzI3YExARpwEfPggFuHdX:EIgy+PJpQrHtp0PIIyLmggFe8LoyuS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1d20d26fe738cbb4a6ba984410eef17_JaffaCakes118

Files

d1d20d26fe738cbb4a6ba984410eef17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17b7de6c713c0d05231244b8a5eff783

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CreateToolhelp32Snapshot
ExitProcess
ExitThread
GetCommandLineA
GetCurrentProcessId
GetFileSize
GetModuleFileNameA
GetProcAddress
GetSystemDirectoryA
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
MapViewOfFile
CreateFileMappingA
Process32First
Process32Next
ReadFile
ReleaseMutex
SetEndOfFile
SetFileAttributesA
SetFilePointer
Sleep
TerminateProcess
UnmapViewOfFile
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrlenA
CreateFileA
CopyFileA
OpenProcess
CloseHandle

user32

GetDesktopWindow
MessageBoxA

wsock32

socket
connect
select
recv
listen
gethostname
gethostbyname
inet_addr
WSAStartup
closesocket
bind
accept

shell32

ShellExecuteA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA

shlwapi

StrStrIA

wininet

InternetGetConnectedState

urlmon

URLDownloadToFileA

ole32

CreateStreamOnHGlobal
CoInitialize

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 371B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 381B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17b7de6c713c0d05231244b8a5eff783

Headers

File Characteristics

Imports

kernel32

user32

wsock32

shell32

advapi32

shlwapi

wininet

urlmon

ole32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 512B - Virtual size: 371B

.data Size: 1024B - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 381B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 512B - Virtual size: 371B

.data
Size: 1024B - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 381B