075034fd350cfc325b1c9a8dbbdac685_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

075034fd350cfc325b1c9a8dbbdac685_JaffaCakes118
Size

68KB
MD5

075034fd350cfc325b1c9a8dbbdac685
SHA1

6b8fc9610ef5c9456eaf10ce791395299a631c39
SHA256

7b765c75ddc3c82e9ac070500370f1b0505a7d4a3716983a67c6e1b9da80ddf0
SHA512

69f8d649afd39e593a26aa233e9d550ebe8bf9640584b3c16c11c5d2482d11dab202011756d70ec7be8ff3fa7953ff6dc27aa4a6aa3439cb7f36ba433f06090e
SSDEEP

1536:IG6kHzJjKRaB6+FJFyKp6NBjz8Nf1wUN51b8c:BHzJ2WtiC6NBv8N9wUN5h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
075034fd350cfc325b1c9a8dbbdac685_JaffaCakes118

Files

075034fd350cfc325b1c9a8dbbdac685_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3217630d665543c744273d0e83fb7ae8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA
PathFileExistsA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wininet

HttpAddRequestHeadersA
HttpOpenRequestA
HttpSendRequestExA
InternetOpenA
InternetWriteFile
InternetCloseHandle
HttpEndRequestA
InternetReadFile
InternetConnectA

winmm

timeGetTime

cryptapi

ord3
ord1
ord2

kernel32

GetCommandLineA
lstrcmpiA
lstrcpyA
DeleteAtom
GlobalAddAtomA
CreateFileA
DeviceIoControl
GlobalMemoryStatus
GetUserDefaultLCID
GetLocaleInfoA
ExitProcess
GetModuleFileNameA
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
lstrcmpA
CloseHandle
lstrlenA
lstrcpynA
lstrcatA
GetSystemInfo

user32

GetDesktopWindow
DialogBoxParamA
EndDialog
SetDlgItemTextA
SetWindowPos
GetDlgItem
GetWindowLongA
SetPropA
SetCursor
wsprintfA
IsCharAlphaNumericA
GetSystemMetrics
RemovePropA
SetWindowLongA
CallWindowProcA
GetPropA
ReleaseDC
DrawFocusRect
GetDC
ScreenToClient
GetWindowRect
GetParent
LoadCursorA
SetCapture
SendMessageA
GetClientRect
InvalidateRect
ReleaseCapture

gdi32

CreateFontIndirectA
SetTextColor
DeleteObject
GetObjectA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteExA

ole32

CoUninitialize
CoInitialize
CoCreateGuid

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3217630d665543c744273d0e83fb7ae8

Headers

File Characteristics

Imports

shlwapi

version

wininet

winmm

cryptapi

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 104B

.rsrc Size: 512B - Virtual size: 476B

.vmp0 Size: 50KB - Virtual size: 49KB

.reloc Size: 1024B - Virtual size: 528B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 104B

.rsrc
Size: 512B - Virtual size: 476B

.vmp0
Size: 50KB - Virtual size: 49KB

.reloc
Size: 1024B - Virtual size: 528B