d3ea5a6af5330c5c9fa452f3819677d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3ea5a6af5330c5c9fa452f3819677d0_JaffaCakes118
Size

63KB
MD5

d3ea5a6af5330c5c9fa452f3819677d0
SHA1

3cef57c570621e0c5c1d04431b990e58d4e69a63
SHA256

90e34ab31d00d23b35e7fe656ce3754d759b2d846a0aad076bd909d2f4d14e58
SHA512

a01597ebcb8907daab8c631260c991b913a738393e12733bf8a8e4e6b779b08b709fcd86f52e61cf21991453c530171410cfb22fa478566c9842ffea071fc254
SSDEEP

1536:ENnaNhtEcYECBWh2xMxStiWoH0AqHaaJs7W:saNEcYEh5xSIWoNqHpJs7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3ea5a6af5330c5c9fa452f3819677d0_JaffaCakes118

Files

d3ea5a6af5330c5c9fa452f3819677d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adf23c6d07b8934863fcfadf680025f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetConnectW
HttpOpenRequestW
InternetSetOptionW
InternetSetPerSiteCookieDecisionW
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlW
InternetAttemptConnect
InternetClearAllPerSiteCookieDecisions
InternetReadFile
HttpSendRequestW
InternetOpenW

shlwapi

StrStrIA
PathCombineW
PathMatchSpecW
wvnsprintfW
PathRemoveFileSpecW
StrStrIW

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetTimeZoneInformation
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
HeapCreate
CopyFileW
CreateThread
OpenEventW
FindClose
GetTickCount
VirtualProtect
CreateProcessW
SetUnhandledExceptionFilter
ExitProcess
CloseHandle
DeleteFileW
LoadLibraryW
GetLastError
ExpandEnvironmentStringsW
GetProcAddress
CreateDirectoryW
Sleep
FindFirstFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentDirectoryW
ResumeThread
VirtualAlloc
HeapReAlloc
GetFileSize
WriteFile
GetLocalTime
SetFilePointer
SetEndOfFile
GetVersionExW
HeapAlloc
CreateWaitableTimerW
SetWaitableTimer
FindNextFileW
SystemTimeToFileTime
GetFileTime
HeapFree
ReadFile
GetModuleFileNameW
WaitForSingleObject
VirtualQuery
CreateFileW
GetFileSizeEx
VirtualFree
GetProcessHeap
GetSystemTime
GetModuleHandleW
GetCommandLineW
CreateEventW
WaitForMultipleObjects
SetEvent

user32

SetWindowPos
SetWindowLongW
PeekMessageW
GetWindowLongW
DispatchMessageW
GetForegroundWindow
SetForegroundWindow
CreateWindowExW
GetSystemMetrics
MessageBoxW
FindWindowW
SetParent
CharLowerW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoCreateInstance
OleInitialize
CoInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

adf23c6d07b8934863fcfadf680025f3

Headers

File Characteristics

Imports

wininet

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 97KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 97KB