272dd4226852007ac42ebd535696dbfa_JaffaCakes118

General

Target

272dd4226852007ac42ebd535696dbfa_JaffaCakes118
Size

168KB
MD5

272dd4226852007ac42ebd535696dbfa
SHA1

73fd2cec0d7d02f1383ab2d45ec8bae96c1ef16e
SHA256

67b93c9db93e4341b7d2e08111e40032f9ee7acbe0465f85088554e7c504dcb7
SHA512

6668e5826bbeef45dd32dd787a8383ba3ea3d6ab323ec0363c8616d1defc94f1e59d21906ec0a7a6fe51b57fa275ed3f4632f6fe6eb8004b706c677e835a7593
SSDEEP

3072:Nh2g5c0BAwnpVCOOrDdmuoNecxESCsCCT95VmNbQhefKEd9kIc5GvUmmoo/CxAe:Nh2lECOOHr63x/CshT95UK2ccrkCxT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
272dd4226852007ac42ebd535696dbfa_JaffaCakes118

Files

272dd4226852007ac42ebd535696dbfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b056dcc3db05f8d919443e1d9854009f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetModuleFileNameA
FindFirstFileA
FindClose
SetEndOfFile
SetEnvironmentVariableA
CreateFileA
LoadLibraryA
GetOEMCP
GetACP
SetStdHandle
ReadFile
CreateProcessA
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
GetSystemTimeAsFileTime
GetLastError
DeleteFileA
RaiseException
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
HeapSize
GetFileAttributesA
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetProcAddress
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
GetLocaleInfoW

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

wininet

InternetConnectA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
InternetOpenA

urlmon

URLDownloadToFileA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b056dcc3db05f8d919443e1d9854009f

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

urlmon

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 16KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 16KB