Static task
static1
Behavioral task
behavioral1
Sample
3a6b3009c7b8174066bd743a6cbd2c62_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3a6b3009c7b8174066bd743a6cbd2c62_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
3a6b3009c7b8174066bd743a6cbd2c62_JaffaCakes118
Size
49KB
MD5
3a6b3009c7b8174066bd743a6cbd2c62
SHA1
b35515ecae04f4590d7cc1dd23337962286186ee
SHA256
af196cf400ef3c6cd48ff9a828687b9747bffe77880948f2a2725f7e4e3bed3b
SHA512
181b721eec74866661f90cda1b33571fe4bc04c52a2a90901b8e778c401f7acbff13d7c6406b565d7d703ddffb92318e1be57d1e470be3ecc22cc6d863fcf355
SSDEEP
768:f0d3PE26jZuj3AjowypvsPD9pmIXy7ljqAAuYZU2aNTv9AoUC+Tyv3W:f0JPE5Qe9pm59q+56oUC+kW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a6b3009c7b8174066bd743a6cbd2c62_JaffaCakes118
Files
3a6b3009c7b8174066bd743a6cbd2c62_JaffaCakes118.exe windows:4 windows x86 arch:x86
6b7256de62f7939a58457b3a71399f3a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
ioctlsocket
connect
socket
htons
send
select
gethostbyname
inet_addr
WSAStartup
closesocket
recv
WSACleanup
shell32
ShellExecuteA
advapi32
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA
kernel32
LocalFree
FlushFileBuffers
SetStdHandle
RaiseException
GetProcAddress
GetOEMCP
GetACP
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
IsBadCodePtr
LoadLibraryA
ExitProcess
GetTempPathA
GetSystemDefaultLangID
Sleep
GetTickCount
ExitThread
GetVersionExA
SetFileAttributesA
CopyFileA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
GetLastError
CreateMutexA
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
GlobalUnlock
GlobalLock
GlobalAlloc
HeapFree
HeapAlloc
DeleteFileA
ReadFile
GetFileSize
CreateFileA
CreateThread
WaitForSingleObject
GetSystemDirectoryA
lstrcmpiA
GetLocaleInfoA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
GetFileType
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
WriteFile
SetFilePointer
GetStringTypeA
GetStringTypeW
GetCPInfo
user32
PostMessageA
LoadCursorA
RegisterClassA
MapVirtualKeyA
IsWindowVisible
GetMenuItemID
DestroyWindow
wsprintfA
GetForegroundWindow
GetWindowThreadProcessId
EnumWindows
CreateWindowExA
GetMessageA
DispatchMessageA
TranslateMessage
PostQuitMessage
DefWindowProcA
IsWindow
FindWindowExA
BlockInput
SetForegroundWindow
ShowWindow
keybd_event
VkKeyScanA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SendMessageA
FindWindowA
GetSystemMetrics
GetClassNameA
SetFocus
urlmon
URLDownloadToFileA
ole32
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
SysAllocString
VariantInit
VariantClear
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE