e249ac44b22d856d4a609828c92c4e73_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e249ac44b22d856d4a609828c92c4e73_JaffaCakes118
Size

25KB
MD5

e249ac44b22d856d4a609828c92c4e73
SHA1

196df821d4316029d4b78c524c4fe5fa251b817d
SHA256

6db118df29ba26b88cd42f1f9d13fb7bc81d882297b9f8d0aede0212e52b722d
SHA512

8b060ef30c7d5a95e440094b318fa141404f3c29613ac597335389b7af116993f3b5935213741beb49fc0e4713b4414665b5643829fada8f8297d89fa933b05e
SSDEEP

384:jRhzmjcHxGhcVCxeFZvEcCzxR66Rlqv7zB1zXICOHazpaZqDKcnM3i:rOhcRmjdRlqv7zBdIC/zp/LMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e249ac44b22d856d4a609828c92c4e73_JaffaCakes118

Files

e249ac44b22d856d4a609828c92c4e73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d321a1332ec2a2477dc32d6fca1a4ce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
SetFilePointer
ReadFile
GlobalFree
GetTickCount
OpenProcess
TerminateProcess
CloseHandle
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
LocalAlloc
LocalFree
lstrlenA
WideCharToMultiByte
lstrcmpiA
MultiByteToWideChar
GetLocalTime
GetFileSize
ExitProcess
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
lstrcpyA
lstrcatA
SetFileAttributesA
CopyFileA
SystemTimeToFileTime
CompareFileTime
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
Process32Next
GetSystemDirectoryA
GetModuleFileNameA
GetCommandLineA
Sleep
CreateThread
WaitForSingleObject
GetWindowsDirectoryA
WinExec
ReleaseMutex
CreateMutexA
FindFirstFileA
FindNextFileA
FindClose
GetLogicalDriveStringsA
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
lstrcpynA
GetCurrentProcess

user32

DrawTextA
wsprintfA
GetDesktopWindow
MessageBoxA
CharUpperA

wsock32

gethostname
gethostbyname
inet_addr
select
recv
socket
connect
closesocket
bind
listen
accept
send
WSAStartup

ole32

CreateStreamOnHGlobal
CoInitialize

shlwapi

StrDupA
StrStrIA
StrTrimA
StrRChrA
StrChrIA

wininet

InternetGetConnectedState

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

gdi32

GetObjectA
GetDIBits
DeleteDC
DeleteObject
CreateCompatibleDC
GetDeviceCaps
CreateBitmap
SelectObject
SetBkMode
FloodFill
CreateFontA
SetTextColor

Sections

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d321a1332ec2a2477dc32d6fca1a4ce5

Headers

File Characteristics

Imports

kernel32

user32

wsock32

ole32

shlwapi

wininet

advapi32

urlmon

shell32

gdi32

Sections

.data Size: 7KB - Virtual size: 10KB

.text Size: 16KB - Virtual size: 15KB

.rsrc Size: 1024B - Virtual size: 924B

.data
Size: 7KB - Virtual size: 10KB

.text
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 1024B - Virtual size: 924B