438c3f05730b6bb72c471dc0da26bad7_JaffaCakes118

General

Target

438c3f05730b6bb72c471dc0da26bad7_JaffaCakes118
Size

20KB
MD5

438c3f05730b6bb72c471dc0da26bad7
SHA1

bd2174b9febb3b9f8588e5d3e8276f3e35bd4d45
SHA256

d2051605189be22e5b7f343112e77a575a4d7b4d0711109e034d37c9642382bf
SHA512

c8195f336010bef01e1bb5853493aecdf2dc3db727c82ea60a9bc2879cc552ee334ed882a24bdafafdd0e8b5e14a0d6b3d4cda0e7131c445d176979a4d10ea08
SSDEEP

384:g9AXSheg3wxTf5arKpoIGoSeToCKZkXZor0yyZM7kc2+o6q1avnG/:g9AXShh3wQbIGoSeTJyQyyZWkc2+o9MK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
438c3f05730b6bb72c471dc0da26bad7_JaffaCakes118

Files

438c3f05730b6bb72c471dc0da26bad7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

51bac7a6fe2907f0d17cb8fa3dac7b65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetFileAttributesA
GetTempPathA
MultiByteToWideChar
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
lstrcatA
lstrcmpA
SystemTimeToFileTime
GetLocalTime
SetFilePointer
CreateEventA
HeapFree
InterlockedExchange
RtlUnwind
GetProcessHeap
HeapAlloc
GetModuleHandleA
PulseEvent
GetProcAddress
GlobalAlloc
LoadLibraryA
VirtualQuery
GetLastError
lstrcpynA
lstrcpyA
GlobalFree

user32

IsWindow
GetParent
wsprintfA
CallWindowProcA
DestroyWindow
EnableWindow
RegisterWindowMessageA
SetWindowLongA
SetDlgItemTextA
MessageBoxA
SetWindowTextA
GetDlgItem
GetFocus
IsWindowVisible
ShowWindow
GetClientRect
GetWindowRect
CreateWindowExA
GetWindowLongA
CreateWindowExW
SendMessageA

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

wininet

InternetCloseHandle
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetSetFilePointer

Exports

Exports

check
copy
run

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51bac7a6fe2907f0d17cb8fa3dac7b65

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB