df4fc3deff7bcedc91ad364e2991b567_JaffaCakes118

General

Target

df4fc3deff7bcedc91ad364e2991b567_JaffaCakes118
Size

77KB
MD5

df4fc3deff7bcedc91ad364e2991b567
SHA1

74b93a4e6b6961cfcc58818e5aa5cab05c1602f9
SHA256

1a12135c29c7b9bdf9ea1381880d353788d6ce0eb25d34c692ddea05910df0f0
SHA512

c85409c0e3dcda2e08565f6b7cd74d0b42829ad98a085446d04b70fafa8718d55665b50b6c966424a173a33871571acb579f45f41b9df797e35b1a375d1a17c6
SSDEEP

1536:Sc3YFtw2W0gt18aAZTUyujK2gRS1Nj4YKAulB6qOL:StFtw1v2d92gRS17huYqOL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df4fc3deff7bcedc91ad364e2991b567_JaffaCakes118

Files

df4fc3deff7bcedc91ad364e2991b567_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48725103938db876c4f163c28a37a016

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetStartupInfoA
SetSystemPowerState
FormatMessageW
GetCPInfo
RemoveDirectoryW
FindFirstFileW
FindNextFileW
TlsGetValue
TlsAlloc
GetProfileStringW
HeapFree
GetTempPathW
HeapAlloc
GetProcessHeap

shlwapi

StrStrW

ole32

OleSetContainedObject
CoInitialize
CoCreateInstance
CoUninitialize

wininet

InternetAttemptConnect
HttpEndRequestA
InternetWriteFile
InternetSetOptionA
InternetQueryOptionA
InternetQueryDataAvailable
HttpSendRequestExA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetOpenA
InternetReadFile

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__p___winitenv
exit
_XcptFilter
_exit
_ftol
localtime
_onexit
malloc
free
memset
fopen
fseek
fwrite
wcslen
fclose

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48725103938db876c4f163c28a37a016

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

ole32

wininet

msvcrt

Sections

.text Size: 32KB - Virtual size: 30KB

.data Size: 132KB - Virtual size: 438KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 30KB

.data
Size: 132KB - Virtual size: 438KB

.rsrc
Size: 4KB - Virtual size: 1KB