e25c0b966dcade61c857fd9ad7d88acb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e25c0b966dcade61c857fd9ad7d88acb_JaffaCakes118
Size

1.4MB
MD5

e25c0b966dcade61c857fd9ad7d88acb
SHA1

fbd284b5ab419546b655b57a9dd4e67fa7bced39
SHA256

9cb327ce759be960e3ba338e7e28cbbd9a2ce4f7f009e36e46ce20ee6e626d9e
SHA512

c3feedaa4226748c65507fc15ea2edb717e281a4e767810023cd2a4890e556d0d9c31c4c771146d7a8639b3b93e18644eff3cf6e17087f9c5d612b3dc40467f1
SSDEEP

24576:QkcED6301quRH3jo6FpJzKTgbu+T/3Az9AiDAQ965OF5Hk2FOJsFwzZLEHLHHtdr:WepN3n4T8uIQx3965OFtRFjFwqHrnr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e25c0b966dcade61c857fd9ad7d88acb_JaffaCakes118

Files

e25c0b966dcade61c857fd9ad7d88acb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e9433703b1504732819382631f90644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
EnterCriticalSection
ExitProcess
GetCommandLineA
GetModuleHandleA
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetLastError
SetUnhandledExceptionFilter
SleepEx
UnmapViewOfFile
lstrcmpA

user32

CreateMDIWindowA
MessageBoxIndirectA
DialogBoxParamA
EnableWindow
EndPaint
MessageBoxA
OemToCharW
OemToCharA
CharToOemA

advapi32

RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

ole32

CoUninitialize
OleGetClipboard
OleFlushClipboard
CreateFileMoniker
CoTaskMemFree
CoInitialize
CoGetClassObject
CoCreateInstance
OleUninitialize
CLSIDFromProgID
OleInitialize

wininet

InternetOpenA
InternetQueryDataAvailable
InternetSetFilePointer
InternetSetOptionExA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHFileOperationA
ShellExecuteExW
SHBindToParent

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 956KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e9433703b1504732819382631f90644

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 1KB - Virtual size: 956KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 16KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 1KB - Virtual size: 956KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB