0afcb98b60bdce56265260d90f49dacb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0afcb98b60bdce56265260d90f49dacb_JaffaCakes118
Size

88KB
MD5

0afcb98b60bdce56265260d90f49dacb
SHA1

91e778f35c4af17e6f8293f6eb90a263a8f2631d
SHA256

c64a46cf51061f781db14b98c7f7bae280f894be776d404b24ce7a53c78ee8af
SHA512

ee6c3114649b824c6f933f8f1f8b35d5775bb873cb82ebba9ef89e20d5889eaece75932a0df312aec133e5333211e5b7a31beba968493736565a044930d2b80d
SSDEEP

1536:XSHWeyqOJ22M4YiNENMWZ21yWLolfKRKQbgNnoLK:XSHXW22M4YBNMWZeLooAQENnoW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0afcb98b60bdce56265260d90f49dacb_JaffaCakes118

Files

0afcb98b60bdce56265260d90f49dacb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19f63f3a5b1596c4faf2cf9939826c8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedState

kernel32

LoadLibraryA
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
InitializeCriticalSection
DeleteCriticalSection
GetLastError
CreateFileMappingA
OpenFileMappingA
CloseHandle
UnmapViewOfFile
MapViewOfFile
WaitForSingleObject
CreateMutexA
ReleaseMutex
GetTempPathA
CreateThread
ExitThread
GetCurrentThreadId
CreateEventA
ResetEvent
SetEvent
lstrcmpiA
ResumeThread
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
ReadFile
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetProcAddress
FreeLibrary
EnterCriticalSection
GetSystemDirectoryA
LeaveCriticalSection
SetEnvironmentVariableA
GetEnvironmentStringsW
SetFileAttributesA
DeleteFileA
UnhandledExceptionFilter
GetLocalTime
GetModuleHandleA
GetCurrentProcess
TerminateProcess
HeapSize
IsBadWritePtr
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
VirtualAlloc
LocalFree
RtlUnwind
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
LCMapStringW
RaiseException
LCMapStringA
HeapDestroy

user32

DestroyWindow
IsWindowVisible
SetTimer
PeekMessageA
WaitMessage
IsWindow
SendMessageA
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
DefWindowProcA
LoadStringA
CreateWindowExA
ShowWindow
UpdateWindow
LoadCursorA
RegisterClassExA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostThreadMessageA

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey

ole32

CoCreateInstance
OleRun
CoInitializeEx

oleaut32

VariantCopyInd
SysStringLen
VariantInit
VariantClear
SysFreeString
GetErrorInfo

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19f63f3a5b1596c4faf2cf9939826c8c

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 448B

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 448B