d98d1aa33125f4a81d1871fcabd8cd42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d98d1aa33125f4a81d1871fcabd8cd42_JaffaCakes118
Size

61KB
MD5

d98d1aa33125f4a81d1871fcabd8cd42
SHA1

76e0a52285b1a4dbc903fdef07b9d33a464cb0b0
SHA256

31d1d6fe1f8110dc160632717c570159ba7130f65d1fadb067322d566d487d63
SHA512

61108a18005984ce4433523e67fac80b336d724bc18b0b27a4a425f92bd6e6dd2f812a3fbeb99d31d0f133221ff06c3334e9bec3f4092cdc7f553e3e75988b32
SSDEEP

768:ievc2d/7lyq+i4woat+9zAZqjo0MhIraQ6LkLXpsuoSxD3l9Kxw93eozbt:i+3ZlQc0MhGaQ6LkLXpsuok79Ood

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d98d1aa33125f4a81d1871fcabd8cd42_JaffaCakes118

Files

d98d1aa33125f4a81d1871fcabd8cd42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6786b3b38c5e232da10831543d0e7517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetLastError
CopyFileA
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
GetTempPathA
GetModuleFileNameA
CreateProcessA
ExitProcess
WriteFile
CreateFileA
ExpandEnvironmentStringsA
ExitThread
GetSystemDefaultLangID
GlobalUnlock
GlobalLock
lstrlenA
CreateDirectoryA
lstrcatA
GetDriveTypeA
GetLogicalDriveStringsA
CreateMutexA
SetErrorMode
IsBadCodePtr
SetUnhandledExceptionFilter
RaiseException
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
CloseHandle
Sleep
GetVersionExA
GetLocaleInfoA
GetTickCount
GlobalAlloc
GetModuleHandleA
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate

user32

BlockInput
FindWindowA
CloseClipboard
SetClipboardData
EmptyClipboard
wsprintfA
VkKeyScanA
SetFocus
GetForegroundWindow
SetForegroundWindow
keybd_event
ShowWindow
OpenClipboard

advapi32

RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegOpenKeyA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
SysAllocString
VariantClear

ws2_32

closesocket
sendto
ioctlsocket
recv
select
gethostbyname
inet_addr
WSACleanup
WSAStartup
connect
socket
htons
send

shlwapi

PathRemoveFileSpecA

urlmon

URLDownloadToFileA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6786b3b38c5e232da10831543d0e7517

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

shlwapi

urlmon

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 13KB - Virtual size: 22KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 13KB - Virtual size: 22KB