10045232a313cc80a91fa83fd704f008_JaffaCakes118

General

Target

10045232a313cc80a91fa83fd704f008_JaffaCakes118
Size

37KB
MD5

10045232a313cc80a91fa83fd704f008
SHA1

3dbac38682b6f9490425d93f84b21174ce0d2077
SHA256

777391895d3bf28dd2aa5ec33cf67bc7aa0ccb91ed858c0aa3ee3a55df4e0853
SHA512

e1eed9868f5d5664607f5ae076a4357b29aa2f8d779a6bc74aee61e41044aebb0d6edb50da6952c6112f0c786907a52294509f1ed06a77d397f63b82fb54a12e
SSDEEP

768:DE/QqifO/ijrFO/H2WkyK60OtXdfb76G0JW2GAG:DE/RiwZkNlcD7YWAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10045232a313cc80a91fa83fd704f008_JaffaCakes118

Files

10045232a313cc80a91fa83fd704f008_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5024780626d24841f2d35ccc7d87ea43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
GetFileSize
UnmapViewOfFile
ResumeThread
SetFileAttributesA
SetPriorityClass
GetLastError
CreateProcessA
GetShortPathNameA
GetEnvironmentVariableA
GetModuleFileNameA
WinExec
GetTempFileNameA
GetTempPathA
Sleep
MapViewOfFile
GetPrivateProfileStringA
_lclose
_lwrite
_lcreat
Process32Next
Process32First
CreateToolhelp32Snapshot
WritePrivateProfileStringA
FreeLibrary
DeviceIoControl
SetSystemTime
GetSystemTime
OutputDebugStringA
MoveFileExA
DeleteFileA
LoadLibraryA
GetProcAddress
CloseHandle
GetFileAttributesA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
GetCurrentProcess
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA

advapi32

CloseServiceHandle
QueryServiceStatus
StartServiceA
CreateServiceA
OpenSCManagerA
OpenServiceA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

shlwapi

PathAppendA
SHDeleteKeyA

msvcrt

exit
_stricmp
_controlfp
memset
strlen
strcpy
sprintf
strcat
strrchr
strcmp
atoi
strchr
_exit
_XcptFilter
_itoa
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5024780626d24841f2d35ccc7d87ea43

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

shlwapi

msvcrt

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 736B

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 736B

.rsrc
Size: 18KB - Virtual size: 17KB