0026cd9fec37957eaf8b11e68b04ec57_JaffaCakes118

General

Target

0026cd9fec37957eaf8b11e68b04ec57_JaffaCakes118
Size

48KB
MD5

0026cd9fec37957eaf8b11e68b04ec57
SHA1

5d58e832d3b4bae29e8916cb909aa36bfafdf95b
SHA256

5da0ea0e0a1b5b28668fad891b62fc2ae79a7d54569e421fda7f26139e50306e
SHA512

3d5a326df1eccbb7b442921710cf77cfd7c7e1f6f0749a84a185c11ad38a62afd44ea51cbbac7410b2295f1e94e516bfdf30c32e4e1a5fa6b891712629004152
SSDEEP

768:xJyhwV/E/ZhyedF9O8WPtqEHwIHYQ4jSAEtSPIpKqwLPl:xuwa/PFOfPtqInB4mAumIql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0026cd9fec37957eaf8b11e68b04ec57_JaffaCakes118

Files

0026cd9fec37957eaf8b11e68b04ec57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c27ae6a13cbc5104a301b4c249dc93c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageA
MessageBoxA

advapi32

RegOpenKeyExA
RegGetKeySecurity

wininet

InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetSetOptionA
InternetCloseHandle
InternetOpenUrlA

kernel32

VirtualProtect
GetSystemInfo
GetVersionExA
GetLocaleInfoA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetVolumeInformationA
GetProcessPriorityBoost
GetSystemDirectoryA
GetStartupInfoA
CreateDirectoryA
OpenProcess
GetFileTime
GetFileType
GetEnvironmentVariableA
LoadLibraryA
CloseHandle
OpenMutexA
CreateMutexA
CreateFileA
CreateProcessA
WriteFile
ExitProcess
GetTickCount
DeleteFileA
Sleep
CopyFileA
GetModuleFileNameA
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
RtlUnwind
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapSize
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
SetStdHandle

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c27ae6a13cbc5104a301b4c249dc93c1

Headers

File Characteristics

Imports

user32

advapi32

wininet

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB