3dc961f2e10d0a9bfce9bd5084d23efb_JaffaCakes118

General

Target

3dc961f2e10d0a9bfce9bd5084d23efb_JaffaCakes118
Size

23KB
MD5

3dc961f2e10d0a9bfce9bd5084d23efb
SHA1

af877254ca903e195db1a6a26a966f5cc981f3ce
SHA256

cdf035dd8d9e8b5afd8bcce110b3ec52e710b0ad2a720be023d2e201ff543fe9
SHA512

75cdcef3b7843bf8089fee76c45465f5d3dc733f031f5bd39ca746fd9c338c0936554c694b1906a60bb1d5b86d71b8fb1f042004e97e87d5dbdeec16c94656b0
SSDEEP

384:y6Dmg7pUwB/twSRFsB6rMqWv6VMMD+I+U6rhhpz3L4FcvWEi+zKFRWLrWiLLWoaT:ySuDSV06iMD+I4hh3L0WkTKLakLWTRZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc961f2e10d0a9bfce9bd5084d23efb_JaffaCakes118

Files

3dc961f2e10d0a9bfce9bd5084d23efb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

870fad32386a75d18a2b28fcb567f352

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile

urlmon

URLDownloadToFileA

kernel32

GetCommandLineA
GetCurrentDirectoryA
GetDriveTypeA
GetFileAttributesA
GetFileSize
GetFileTime
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetStdHandle
GetTickCount
GetVersion
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
CopyFileA
MoveFileA
ReadFile
RtlUnwind
RtlZeroMemory
CreateFileA
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
SystemTimeToFileTime
WaitForSingleObject
WriteConsoleA
WriteFile
DeleteFileA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA

user32

GetForegroundWindow
MessageBoxA
wvsprintfA

advapi32

RegCloseKey
RegConnectRegistryA
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

crtdll

__GetMainArgs
_strnicmp
exit
gmtime
localtime
mktime
raise
signal
strcat
strchr
strncmp
strncpy

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 788B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 628B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

870fad32386a75d18a2b28fcb567f352

Headers

File Characteristics

Imports

shell32

wininet

urlmon

kernel32

user32

advapi32

crtdll

Sections

.text Size: 18KB - Virtual size: 18KB

.bss Size: - Virtual size: 788B

.data Size: 628B - Virtual size: 628B

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.bss
Size: - Virtual size: 788B

.data
Size: 628B - Virtual size: 628B

.idata
Size: 2KB - Virtual size: 2KB