0024a73f22b90ba51b05e8954a6b137f_JaffaCakes118

General

Target

0024a73f22b90ba51b05e8954a6b137f_JaffaCakes118
Size

25KB
MD5

0024a73f22b90ba51b05e8954a6b137f
SHA1

a90fd769c41d9ae3f15be7917dc4ad80f231aa03
SHA256

d7d1024578e2ea54265d9fffabc2d2130552e08375c7d5712cdeabe98116c654
SHA512

0d5bb721635c8d6a93a8ba1f466da016721e40412fa5a27f0b36c0ca83636015f9a969649584cc8357cb4cf992673ce89452f4839b876335893c78633280487b
SSDEEP

384:+aQBf+g2MQM2YUeXlfno4uwVMmakllt4q5:+VBf+g2MnXXlfF5V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0024a73f22b90ba51b05e8954a6b137f_JaffaCakes118

Files

0024a73f22b90ba51b05e8954a6b137f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdfa614deca8ff0fd0c815c515975e53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\myproject\StartPage\SetStartPage\Release\SetStartPage.pdb

Imports

msvcrt

_cexit
strstr
??3@YAXPAX@Z
time
srand
exit
_c_exit
_acmdln
_exit
strcat
_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
toupper
memcpy
sprintf
_snprintf
printf
atol
strcpy
strlen
memset
_itoa

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA

netapi32

Netbios

kernel32

OutputDebugStringA
lstrlenA
GetCurrentProcessId
GetLastError
GetTickCount
GetStartupInfoA
CreateEventA
SleepEx

user32

SendMessageA
InvalidateRgn
GetFocus
DrawFocusRect
GetDC
GetSystemMetrics
SetWindowPos
SetWindowLongA
ReleaseDC
LoadCursorA
SetCursor
GetDlgCtrlID
CallWindowProcA
SetWindowTextA
GetDlgItem
LoadIconA
DialogBoxParamA
EndDialog

gdi32

SelectObject
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
ExtTextOutA
DeleteObject
SetTextColor
SetBkMode

shell32

ShellExecuteA

shlwapi

SHGetValueA
SHSetValueA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdfa614deca8ff0fd0c815c515975e53

Headers

File Characteristics

PDB Paths

Imports

msvcrt

wininet

netapi32

kernel32

user32

gdi32

shell32

shlwapi

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 12KB