ef90d4872166fb4cdc229679d7456ca9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef90d4872166fb4cdc229679d7456ca9_JaffaCakes118
Size

98KB
MD5

ef90d4872166fb4cdc229679d7456ca9
SHA1

5fb8c212d1247dc9fbf01cba71243d450f961f07
SHA256

9736f5254ec70b23c5a8cccc86871c2172bc546f884640910dafd86b982a1d17
SHA512

eede91b6cf2572a251e9d06815a304f08b6c071dafc6c6738b56010f56e4fce91bbb065c5ad765c3e9677f91bd76c2c3f385700023ec8ba27fce846024d70430
SSDEEP

1536:Sa/4uGDy5zsDOjWs5DMZirVcV0aXZeXPadmEfe8HY1wr3tbbKG1BlckDRKrmL:L/4uAv45lxq0aYPkM84VgckArmL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef90d4872166fb4cdc229679d7456ca9_JaffaCakes118

Files

ef90d4872166fb4cdc229679d7456ca9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9284a6dff3ff9d57cad375c7b3d432cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
ExitProcess
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
MultiByteToWideChar
OpenFile
QueryPerformanceCounter
RemoveDirectoryA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrcmpA

user32

GetDlgItem
GetWindowTextA
MessageBoxA
DispatchMessageA
CreateIconFromResourceEx

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA

ole32

OleUninitialize
RegisterDragDrop
ReleaseStgMedium
WriteClassStg
OleInitialize
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoInitialize
CoTaskMemRealloc
CoUninitialize
CreateILockBytesOnHGlobal

wininet

InternetSetOptionExA
InternetSetStatusCallbackA
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetOpenA

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
SHBindToParent

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9284a6dff3ff9d57cad375c7b3d432cc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 1KB - Virtual size: 152KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 8KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 1KB - Virtual size: 152KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 8KB