17fbaae23b194617b1930b52223261ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17fbaae23b194617b1930b52223261ea_JaffaCakes118
Size

74KB
MD5

17fbaae23b194617b1930b52223261ea
SHA1

4f7493c79aadb7d28482b0014ae31e947f8e5ed9
SHA256

ef60d5df6906ce4283e7e0434c3adbfcad0b7bf3f051618fe9960c70dd925525
SHA512

6b21612ec4445ba1f4afdd9a81322949c62491645e7dda99e601b392977decd49dd330b966300994ced8110049b5822781b17b963d799fab642336a1b28aade1
SSDEEP

1536:5qWkKI/nWm3WHtxU+Wnjk00WOfl0ImiDA6:FSs06l043

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17fbaae23b194617b1930b52223261ea_JaffaCakes118

Files

17fbaae23b194617b1930b52223261ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3aab59ae88afccea118590196bd63a6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
lstrlenA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrcpyA
WinExec
GetWindowsDirectoryA
DeleteFileA
CloseHandle
WriteFile
GetCurrentProcessId
lstrcatA
CreateFileA
ReadFile
GetFileSize
DeleteCriticalSection
GetTickCount
Sleep
CreateProcessA
CopyFileA
ExitProcess
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCPInfo
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetModuleFileNameA
InterlockedExchange
GetOEMCP
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
IsBadWritePtr
VirtualFree
HeapCreate
GetCommandLineA
GetStartupInfoA
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery

user32

RegisterClassA
wsprintfA
SetTimer
SendMessageA
FindWindowA
TranslateMessage
DispatchMessageA
GetMessageA
CreateWindowExA
DefWindowProcA

advapi32

RegDeleteValueA
RegCloseKey
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
CloseServiceHandle
RegOpenKeyA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetOpenUrlA

ws2_32

gethostbyname
inet_ntoa
WSAStartup

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aab59ae88afccea118590196bd63a6c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

ws2_32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB