d4d05ba358d48e8468628fec855b0dd7_JaffaCakes118

General

Target

d4d05ba358d48e8468628fec855b0dd7_JaffaCakes118
Size

11KB
MD5

d4d05ba358d48e8468628fec855b0dd7
SHA1

14f9d5ae45ab5f471a6fff6c97ecda79e98f7c0d
SHA256

37dc97499848231687b2e227f03d71d4d277218f44b525de2efd6a98cf16543f
SHA512

81f44a7760c128599e9303f49d4bf5b8b9ef01bc0350c3d59992bd08e7df56ab2545ad46a9b6dc908d8eb4b3995838971536d3db1927b5efd9a5937266364643
SSDEEP

192:BykdHIijKePASvs/R6NJUkBBctF3Uc09qbR:Dd4Svs/R6NCD8c09K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4d05ba358d48e8468628fec855b0dd7_JaffaCakes118

Files

d4d05ba358d48e8468628fec855b0dd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a9e9936c53c8a97791e7d1391e5f094

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msto32

UninstallHook
InstallHook

user32

SetTimer
SendMessageA
RegisterClassExA
PostQuitMessage
OpenClipboard
KillTimer
GetWindowTextA
GetMessageA
TranslateMessage
GetClipboardData
GetClassNameA
FindWindowExA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
CloseClipboard
wsprintfA
GetForegroundWindow

kernel32

GlobalLock
SetFilePointer
GlobalFree
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
WinExec
Sleep
GlobalAlloc
ReadFile
Process32Next
Process32First
CloseHandle
CreateFileA
CreateThread
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetFileSize
GetModuleHandleA
GetSystemDirectoryA
GetSystemTime
GetWindowsDirectoryA
GlobalUnlock

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegOpenKeyA

wsock32

send
recv
listen
inet_ntoa
inet_addr
htons
gethostbyname
connect
closesocket
WSACleanup
accept
socket
WSAStartup
WSAAsyncSelect
bind

wininet

InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetConnectA
InternetCloseHandle
FtpPutFileA
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
InternetReadFile

urlmon

URLDownloadToFileA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a9e9936c53c8a97791e7d1391e5f094

Headers

File Characteristics

Imports

msto32

user32

kernel32

advapi32

wsock32

wininet

urlmon

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 87KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 87KB