db7b721663808f86f6a05f6840c7fa68_JaffaCakes118

General

Target

db7b721663808f86f6a05f6840c7fa68_JaffaCakes118
Size

72KB
MD5

db7b721663808f86f6a05f6840c7fa68
SHA1

40abbc4d96fb6de4364fbea879cafd2d74819b13
SHA256

a063d4a7a8a8da35e7e51470e70a80cbe34d3508dac46bf4388778766b4b1aeb
SHA512

a2a72e87723aa3a18089d5f5e757b5e6ee0c484af35bee7a9f8e41d062aa92a68067bd2c859c2aed734127f1026b37c074a0e59e7d38b6bcb0bc27a32daef153
SSDEEP

768:o76iXKsAT9DH0KEdm9P+r+zKculPa2hUUtzw1ajEWuIqz3TlwtlexPnO:wKsAT1AdmoVPa2hUUtzw1alu/ElwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db7b721663808f86f6a05f6840c7fa68_JaffaCakes118

Files

db7b721663808f86f6a05f6840c7fa68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1f4388b4a4215c444cb4488c2334003

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntry

urlmon

URLDownloadToFileA

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
OutputDebugStringA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
TerminateProcess
GetProcAddress
MultiByteToWideChar
GetStringTypeW
CloseHandle
WriteFile
WinExec
GetPrivateProfileStringA
GetSystemDirectoryA
Sleep
GetLastError
CreateMutexA
FlushFileBuffers
SetUnhandledExceptionFilter
SetFilePointer
ReadFile
GetFileType
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
SetStdHandle
GetStdHandle
SetHandleCount
GetModuleFileNameA
GetEnvironmentStringsW
UnhandledExceptionFilter
SetEnvironmentVariableA
GetEnvironmentStrings
CompareStringW
CompareStringA
HeapSize
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
WideCharToMultiByte

user32

wsprintfA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoInitialize

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1f4388b4a4215c444cb4488c2334003

Headers

File Characteristics

Imports

wininet

urlmon

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 27KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 27KB