0b4e367a70e545c0b5db45d334c809ca_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0b4e367a70e545c0b5db45d334c809ca_JaffaCakes118
Size

34KB
MD5

0b4e367a70e545c0b5db45d334c809ca
SHA1

5c4ba6b758abf71a79672fe42767ea640c9bbdb5
SHA256

f4a286942dfa7733a052c0dc54f58088d61b45ec06268f2e2dfdf6ceaa740076
SHA512

bf3319fbf1b5a23296d95d8a38e5d6ea4799d5efff87f28d0d46721f5e2be537a6c773968d3645083335858341436e763cb825f51077fba58bcd09b484ce61cc
SSDEEP

384:EWBUT/IZ5FZq2dgEiZrnAzzTLR9OLXAE1A87XqeZXGgndaOKG4UCoxmDNSkPv1Am:l8wZ36WXewwn6XgcOKnUCEtmHnT8lud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b4e367a70e545c0b5db45d334c809ca_JaffaCakes118

Files

0b4e367a70e545c0b5db45d334c809ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe2fbc0422d7e58cab4bf3445c817c14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strncmp
atof
strcpy
strlen
strncpy
strcat
localtime
mktime
_strnicmp
gmtime

user32

wsprintfA
KillTimer
SetTimer
wvsprintfA
LoadCursorA
LoadIconA
RegisterClassA
GetSysColor
PeekMessageA
GetActiveWindow
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
AdjustWindowRect
GetSystemMetrics
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowLongA
GetMessageA
GetClassNameA
GetWindowLongA
PostMessageA
GetParent
DefWindowProcA
SendMessageA
GetWindow
EnableWindow
SetWindowPos
SetFocus
SetActiveWindow
DestroyWindow
UnregisterClassA
DestroyAcceleratorTable
IsWindowEnabled
IsWindowVisible
GetFocus
IsChild
EnumChildWindows
GetKeyState
CreateAcceleratorTableA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
SetCapture
GetCursorPos
MapWindowPoints
ReleaseCapture
MoveWindow

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

URLDownloadToFileA

gdi32

CreateBrushIndirect

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetModuleFileNameA
GetEnvironmentVariableA
GetCurrentDirectoryA
HeapDestroy
HeapReAlloc
FreeLibrary
GetProcAddress
HeapAlloc
LoadLibraryA
IsBadReadPtr
HeapFree
GlobalFree
GlobalAlloc
WaitForSingleObject
GetTickCount
Sleep
DeleteFileA
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
WriteFile
GetLocalTime

shell32

FindExecutableA
ShellExecuteExA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 1024B - Virtual size: 617B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe2fbc0422d7e58cab4bf3445c817c14

Headers

File Characteristics

Imports

crtdll

user32

advapi32

wininet

urlmon

gdi32

kernel32

shell32

Sections

.text Size: 29KB - Virtual size: 29KB

.data Size: 3KB - Virtual size: 4KB

.flat Size: 1024B - Virtual size: 617B

.text
Size: 29KB - Virtual size: 29KB

.data
Size: 3KB - Virtual size: 4KB

.flat
Size: 1024B - Virtual size: 617B