0065edf691ade3eafac1b5898ff62f21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0065edf691ade3eafac1b5898ff62f21_JaffaCakes118
Size

132KB
MD5

0065edf691ade3eafac1b5898ff62f21
SHA1

11b6b4f0d7393de695079f19d26c8aa9972e12b6
SHA256

df275ed97c1f74281e7ba6d8f19b161fa407c4774e1def686aab37a234b50423
SHA512

5d724b843036efb5a755f408aba9194b5ab8164a8f34f939ee3d6571ffc7a61f1ae4cf6834266a103bdf58b3403d53bcbb4adcde582fc76773c2641255a0f354
SSDEEP

3072:cuDdjfNF5zN0dAeCKYczSYTXIJHevAWLKJARclzs9:hjfNL+srWTXMHsAWXus

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0065edf691ade3eafac1b5898ff62f21_JaffaCakes118

Files

0065edf691ade3eafac1b5898ff62f21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

052927c2e02af112416382a52b7da0c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Projects\Source\Client\BundleInstall\Debug\BundleInstall.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetGetConnectedState
InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
HttpQueryInfoA

comctl32

ord17

wsock32

recv
WSASetLastError
WSAStartup

kernel32

GetSystemInfo
VirtualProtect
ReadFile
SetEndOfFile
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetTickCount
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetLastError
GetTempFileNameA
GetTempPathA
InitializeCriticalSection
DeleteCriticalSection
GetSystemDirectoryA
InterlockedIncrement
WideCharToMultiByte
lstrlenW
InterlockedDecrement
GetModuleFileNameA
CreateDirectoryA
GetVersionExA
Sleep
RemoveDirectoryA
GetWindowsDirectoryA
MoveFileExA
CopyFileA
WritePrivateProfileStringA
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
GetTimeZoneInformation
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
HeapFree
HeapAlloc
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
OutputDebugStringA
LCMapStringW
LCMapStringA
HeapDestroy
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
HeapSize
TerminateProcess
HeapReAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
CompareStringA
CompareStringW
SetEnvironmentVariableA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FreeLibrary
PeekNamedPipe
VirtualQuery
InterlockedExchange
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetCommandLineA
GetCurrentThreadId
SystemTimeToFileTime
LocalFileTimeToFileTime
MultiByteToWideChar
lstrlenA
LocalFree
RtlUnwind
ExitProcess
RaiseException
FlushFileBuffers
SetFileTime

user32

GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CreateWindowExA
GetClientRect
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
DefWindowProcA
PostQuitMessage
DestroyWindow
GetWindowRect
MoveWindow
PostMessageA
KillTimer
SetWindowTextA
ShowWindow
GetDesktopWindow

advapi32

RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

ole32

OleInitialize
StringFromGUID2
OleRun
CoCreateInstance
OleUninitialize

oleaut32

LoadTypeLi
VariantClear
VariantInit
SysFreeString
DispGetIDsOfNames
SysAllocString

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052927c2e02af112416382a52b7da0c3

Headers

File Characteristics

PDB Paths

Imports

version

wininet

comctl32

wsock32

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 2KB