df38ae5391bd73f6b16b5528316c7eb5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df38ae5391bd73f6b16b5528316c7eb5_JaffaCakes118
Size

92KB
MD5

df38ae5391bd73f6b16b5528316c7eb5
SHA1

94b8e2654d592bec221724fb2d746b54cfc0413d
SHA256

33a6dfd9707328eeb8c88db1f66be5771983c10236ce19aa462ce8a7a1f91630
SHA512

5e9873b7ef6fbae960db9dbb04f40ef5f1f0b7b205340ca035a69ab27dd9b856365919d820dd4028d2fb539edd5eecb4045747c0438f6e9a33cf47133225072d
SSDEEP

1536:S2GMSIJK/FSHYey6MFTWi28Q52liMZd5Tv7MDElsl:Sj0Hzy6JIXv4DEls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df38ae5391bd73f6b16b5528316c7eb5_JaffaCakes118

Files

df38ae5391bd73f6b16b5528316c7eb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ce76a30650ebbdc499b65e8ff42b75a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA

iphlpapi

GetNetworkParams
GetAdaptersInfo

wininet

HttpSendRequestA
HttpAddRequestHeadersA
InternetOpenA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetReadFile

urlmon

URLDownloadToCacheFileA

kernel32

FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
Sleep
GetExitCodeThread
CreateThread
WaitForSingleObject
GetSystemDefaultLangID
GetLastError
FormatMessageA
GetVersionExA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetModuleHandleA
CreateFileA
HeapFree
HeapAlloc
WriteFile
SetFilePointer
ReadFile
GetProcAddress
WideCharToMultiByte
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetVolumeInformationA
lstrcmpiA
MultiByteToWideChar
TerminateProcess
InterlockedExchange
DeleteCriticalSection
ExitProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ce76a30650ebbdc499b65e8ff42b75a

Headers

File Characteristics

Imports

advapi32

iphlpapi

wininet

urlmon

kernel32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 36KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 36KB