fee44c932ab168f2ff4aa083b03f5705_JaffaCakes118

General

Target

fee44c932ab168f2ff4aa083b03f5705_JaffaCakes118
Size

152KB
MD5

fee44c932ab168f2ff4aa083b03f5705
SHA1

aef0dcc3dbfbcf939f9911fcc0e65ddd3481924d
SHA256

977e81d6867919475d246c33410a31cfd945507d1d35babb64e6c2c576fe8af5
SHA512

d3191c8e72fef7d882537707fe341158c39d24b41ab95cd71e49d8c4184823ca3e9285ac266ef719ac8b78ec023f1e19b7afdfa1bc1e909bf1bcee5d0cfc5897
SSDEEP

3072:s1UKzmjylSftATyTCG/5TA4t9fr6SzxPU1124cueJuy54UER:s1CCQZZr6S9wRuuyu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fee44c932ab168f2ff4aa083b03f5705_JaffaCakes118

Files

fee44c932ab168f2ff4aa083b03f5705_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7cac1f9dce1a6e7a760770a87bde34d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatW
InterlockedExchange
GetCurrentProcessId
GetFileTime
GetDiskFreeSpaceW
FindCloseChangeNotification
FindNextChangeNotification
GetVolumeInformationW
DeleteCriticalSection
GetLocalTime
CreateFileW
GetModuleHandleW
InitializeCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetProfileStringW

shlwapi

PathStripToRootW
PathAddBackslashW
StrStrIW
StrToIntW
PathFindFileNameW

wininet

InternetSetFilePointer
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenUrlW
InternetOpenW
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
InternetSetOptionExW
InternetWriteFile

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__p___winitenv
exit
_XcptFilter
_exit
_onexit
wcslen
_wcsdup
localtime
fopen
fseek
fputs
atoi
fclose
fwrite

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 391KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cac1f9dce1a6e7a760770a87bde34d8

Headers

File Characteristics

Imports

kernel32

shlwapi

wininet

msvcrt

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 76KB - Virtual size: 391KB

.rsrc Size: 4KB - Virtual size: 808B

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 76KB - Virtual size: 391KB

.rsrc
Size: 4KB - Virtual size: 808B