410b2a43454b29fb4857020824fb4e4d_JaffaCakes118

General

Target

410b2a43454b29fb4857020824fb4e4d_JaffaCakes118
Size

20KB
MD5

410b2a43454b29fb4857020824fb4e4d
SHA1

64cc0b9f05fecb197cec0b114b735e6b73a88553
SHA256

e61325187f2a08369fce582eef6fc13cfff663406ade15e6cb0782f37e95c354
SHA512

246e4a6f1f2a2935f42a062ec05ef80ad72839c0cf509380b37a52f478300deb93d1aecdcfbdd71c87ad3f8f65ad72e9ece8ba929d41459a798aacb520301344
SSDEEP

192:YAEP/WF37lR3ZJ5rXIsZ9BC/RXllgP988M1YuX4q:TnxX50sZ9g/Fb4zuX1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
410b2a43454b29fb4857020824fb4e4d_JaffaCakes118

Files

410b2a43454b29fb4857020824fb4e4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e3c0ce7b9f950a8cc4ff55f0498238b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cmid32

UninstallHook
InstallHook

user32

SetTimer
SendMessageA
RegisterClassExA
PostQuitMessage
OpenClipboard
KillTimer
GetWindowTextA
GetMessageA
TranslateMessage
GetClipboardData
GetClassNameA
FindWindowExA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
CloseClipboard
wsprintfA
GetForegroundWindow

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
WinExec
SystemTimeToFileTime
SetFilePointer
RtlZeroMemory
ReadFile
GlobalUnlock
CloseHandle
CompareStringA
CreateFileA
ExitProcess
GetCommandLineA
GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetSystemTime
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegOpenKeyA

wsock32

recv
inet_ntoa
socket
inet_addr
htons
gethostbyname
connect
send
WSAStartup
closesocket

wininet

InternetGetConnectedState
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA

urlmon

URLDownloadToFileA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e3c0ce7b9f950a8cc4ff55f0498238b

Headers

File Characteristics

Imports

cmid32

user32

kernel32

advapi32

wsock32

wininet

urlmon

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 81KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 81KB