13b3d04d6099b5ca691d4020a3b03f90_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13b3d04d6099b5ca691d4020a3b03f90_JaffaCakes118
Size

56KB
MD5

13b3d04d6099b5ca691d4020a3b03f90
SHA1

a97f0b290fd6792482c6245158c54f64496456c8
SHA256

a826ec8d4566c6036754249801ee83c4f13a465a3cb319bb7d0e879976ddf9c5
SHA512

7859a3350da1cae94f29a74d75ff96639eaf8cb4d52150ca5c3688cccf924c08434d3440709367b2b2d51009097285587cc584b3d389abb9578eaf1244424e83
SSDEEP

768:LZP4MO95vS7LoXDfjP/83xUyB77xUoqWaBAundYK+cY2PqK:tP4MO95vS7LYaBXx6WaLCKmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13b3d04d6099b5ca691d4020a3b03f90_JaffaCakes118

Files

13b3d04d6099b5ca691d4020a3b03f90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40bcefd4d4f0f57e98428d54a59ccd74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle

kernel32

OutputDebugStringA
GetModuleHandleA
GetLastError
CreateProcessA
CreateDirectoryA
WriteFile
CreateFileA
OpenMutexA
FindFirstFileA
lstrcatA
lstrcpyA
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CloseHandle
LCMapStringW
GetProcAddress
LoadLibraryA
SetStdHandle
FindClose
RtlUnwind
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FlushFileBuffers
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

LoadStringA
wsprintfA
MessageBoxA

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysFreeString

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40bcefd4d4f0f57e98428d54a59ccd74

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 264B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 264B