f4ed3b7a8a58453052db4b5be3707342_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4ed3b7a8a58453052db4b5be3707342_JaffaCakes118
Size

19KB
MD5

f4ed3b7a8a58453052db4b5be3707342
SHA1

181f1dd75e95b47e178199c90d9872543fdd4529
SHA256

a4f141b99b50cd537644b334d14575060522ee77a7d362e49f2bdc733379f982
SHA512

c38b8c44ba6b53b927f9161b48b18c52ffac70eeca8d715416d862c2860f8a4ac439f7904f81f9edd84410e4311ca2bc944760435eb3ba4c04822d987c769c55
SSDEEP

384:pbWUO0Ken4NJQWiQxpe9uYxMy6BaHaljyQ5Trx81yzbLu2JxkFYYH0:pb5O0vMxpe9LGfBaHuGQ5/x+yzzTkeG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4ed3b7a8a58453052db4b5be3707342_JaffaCakes118

Files

f4ed3b7a8a58453052db4b5be3707342_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d24325daea16e770eb82fa6774d70f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetLogicalDrives
Process32Next
Process32First
CreateToolhelp32Snapshot
WriteFile
GetFileSize
GetCurrentProcess
DeleteFileA
GetModuleFileNameA
GetLocalTime
GetDriveTypeA
CreateMutexA
SetFileTime
SystemTimeToFileTime
GetSystemTime
CopyFileA
lstrlenA
GetTempFileNameA
GetTempPathA
ExitProcess
GetModuleHandleA
GetVolumeInformationA
SetStdHandle
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetFileAttributesA
OpenProcess
GetExitCodeProcess
PeekNamedPipe
ReadFile
GetConsoleDisplayMode
CreateProcessA
AttachConsole
CreateFileA
WriteConsoleInputA
GetComputerNameA
Sleep
CreatePipe
GetWindowsDirectoryA
SetCurrentDirectoryA
CreateThread
TerminateProcess
GetStartupInfoA
WaitForSingleObject
CloseHandle
GetVersionExA
GetLastError

user32

DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA

msvcrt

memcpy
strstr
_strnicmp
strchr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
??3@YAXPAX@Z
strlen
strcpy
??2@YAPAXI@Z
sprintf
memset
_except_handler3
atoi
_strcmpi
__CxxFrameHandler
_EH_prolog
atol
sscanf
strrchr
strcat

wininet

InternetSetOptionA
InternetOpenA
InternetQueryOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

userenv

GetUserProfileDirectoryA

advapi32

OpenProcessToken
CloseServiceHandle
EnumServicesStatusExA
OpenSCManagerA
ControlService
OpenServiceA
StartServiceA
GetUserNameA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
CreateProcessAsUserA

urlmon

URLDownloadToFileA

shell32

SHCreateDirectoryExA
ShellExecuteA

secur32

GetUserNameExA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d24325daea16e770eb82fa6774d70f1

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

wininet

userenv

advapi32

urlmon

shell32

secur32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB