03aa716ab6da1601fcd46eba0dd6cd6d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03aa716ab6da1601fcd46eba0dd6cd6d_JaffaCakes118
Size

72KB
MD5

03aa716ab6da1601fcd46eba0dd6cd6d
SHA1

ff072ded9d1ca2ab5a9b646d3fca2deee572ee09
SHA256

a6228f2deca5e6ebdfb63e11558259fca48640b658a7eb778744e9753dc26f31
SHA512

695834fd208b33aaa2a87e9affe16d229278b2719b545ba6783359d59fe500a284b22fa4ec002efaf48b846ebcc850e55d75b38bbd150efe352fb5d1bf05420e
SSDEEP

1536:2qGIzYltcmnZ1PawDJWAXdQb7bG6JPPtoW0:YIziimnZ1PaVAX27bTJPPtoW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03aa716ab6da1601fcd46eba0dd6cd6d_JaffaCakes118

Files

03aa716ab6da1601fcd46eba0dd6cd6d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb656a6fe7567f4cc47cc97b5bafe6f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

Netbios

kernel32

FindFirstFileA
FindClose
SetCurrentDirectoryA
FindNextFileA
GetLogicalDriveStringsA
GetDriveTypeA
CreateProcessA
GetLastError
WaitForSingleObject
_llseek
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetWindowsDirectoryA
_lopen
GetShortPathNameA
_lread
CopyFileA
GetVolumeInformationA
_lcreat
lstrcpyA
GetOEMCP
GetVersion
lstrlenA
GetStringTypeA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetACP
GetCPInfo
SetFilePointer
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
SetStdHandle
HeapCreate
HeapDestroy
GetFileType
_lwrite
GetCurrentDirectoryA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
CloseHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
TerminateProcess
ReadFile
GetStringTypeW
_lclose
GetSystemTime
SetFileAttributesA
VirtualFree
GetModuleFileNameA
GetSystemDirectoryA
UnhandledExceptionFilter
GetCurrentProcess
DeleteFileA
CreateDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess

user32

LoadAcceleratorsA
GetDC
GetSystemMetrics
TranslateMessage
DispatchMessageA
GetMessageA
SetFocus
RegisterClassA
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
SetWindowTextA
PostMessageA
DefWindowProcA
EndPaint
MessageBoxA
BeginPaint
ReleaseDC
SetRect
CharUpperA
DestroyWindow
InvalidateRect
GetWindowTextA
wsprintfA
PostQuitMessage

gdi32

GetTextMetricsA
Rectangle
StretchDIBits
GetStockObject
SetTextColor
TextOutA
SetBkMode
CreateSolidBrush
SelectObject
CreateFontA
GetTextExtentPoint32A
DeleteObject
LineTo
MoveToEx
CreatePen
RealizePalette
SelectPalette
CreatePalette
SetBkColor

imm32

ImmInstallIMEA

wininet

InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb656a6fe7567f4cc47cc97b5bafe6f5

Headers

File Characteristics

Imports

netapi32

kernel32

user32

gdi32

imm32

wininet

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 2KB