de3218d0019bc400c2e5774608d5911e_JaffaCakes118

General

Target

de3218d0019bc400c2e5774608d5911e_JaffaCakes118
Size

165KB
MD5

de3218d0019bc400c2e5774608d5911e
SHA1

41c15cc40140c208c3fa44a18aec71e5a2d12196
SHA256

e0f41071fe69938fb9952f96447809fd20094d8513cd6f3b2c968b7c060b09c1
SHA512

6469318732bed482bcce34ce799becfedd41b4b7f3e6724fd5e281c59880f159d8221e605337fde1ebd3f4dfe7c1a37bad08fd2858b10c08b4324123c521ae77
SSDEEP

3072:yZyR0VHk5aIET13QLM6pcnZX+jaTbAMqzMsC55WR9X29a2TJjZTT7qg:yZyR6Hk5TgCYX+mT0WL5IR09a2ZTTz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de3218d0019bc400c2e5774608d5911e_JaffaCakes118

Files

de3218d0019bc400c2e5774608d5911e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4812ce0e9693054764faf9ed2a506e48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
FindNextChangeNotification
GlobalGetAtomNameA
FindFirstChangeNotificationW
GetModuleFileNameW
FindFirstFileW
GlobalUnlock
GetModuleHandleW
InitializeCriticalSection
GetVersionExA
lstrlenW
GetProcAddress
DeleteCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
MultiByteToWideChar
LoadLibraryA
FreeLibrary
FindClose
WaitForSingleObject
FindCloseChangeNotification
EnumResourceTypesW
FindResourceW
LockResource
LoadResource
Sleep
LoadLibraryW
GetTickCount
IsDBCSLeadByte
GlobalLock
GetVersionExW
MulDiv
GlobalAlloc
GetPrivateProfileIntW
CloseHandle
GlobalSize
GetLocaleInfoW

wininet

InternetReadFile
InternetTimeToSystemTime
InternetCloseHandle
HttpOpenRequestA
InternetErrorDlg
InternetConnectA
InternetCrackUrlA
HttpQueryInfoA
HttpSendRequestA
InternetOpenA
InternetTimeFromSystemTime

shell32

SHGetImageList
ShellExecuteExA
CommandLineToArgvW
ShellExecuteW
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExW
SHGetFolderPathW
SHFileOperationW
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4812ce0e9693054764faf9ed2a506e48

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 2KB - Virtual size: 405KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 2KB - Virtual size: 405KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB