538ece115716be561d2e2bbcf71d193b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

538ece115716be561d2e2bbcf71d193b_JaffaCakes118
Size

44KB
MD5

538ece115716be561d2e2bbcf71d193b
SHA1

dcf8c287621e89a05ad3cbf4b071d8e08b38eabb
SHA256

e2ee4eab5a91d2e19785010665f5b7c89b674bd106a0da3a0d80aeec58cd8772
SHA512

d55657a8bbeeb007c904bb7cdc10d6b8d5a54f1310d715c98d6ffde3edc79957b29e5d028f10680bd3ec9d1e221ba6f12e807619cee2ea49f493a119b667549a
SSDEEP

768:07YCwclIX2SFfVdPmch53cmnzlmqB9qVLyqOwglji:LRN2S5T13DzlRsFglji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
538ece115716be561d2e2bbcf71d193b_JaffaCakes118

Files

538ece115716be561d2e2bbcf71d193b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eeda826ca7119e4fa920429a6bb71c93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
PeekNamedPipe
CreateProcessA
CloseHandle
CreatePipe
SetFilePointer
CreateFileA
CopyFileA
GetLastError
GetEnvironmentVariableA
GetDriveTypeA
GetLogicalDrives
GetCurrentDirectoryA
WaitForSingleObject
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
DeleteFileA
GetFileSize
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
GetModuleFileNameA
GetModuleHandleA
WriteFile
TerminateProcess
GetComputerNameA
GetVersionExA
lstrcpynA
SetCurrentDirectoryA
Sleep
GetStartupInfoA

advapi32

RegSetValueExA
GetUserNameA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA

shlwapi

StrStrIA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

ws2_32

closesocket
WSASetLastError
WSAStartup
WSACleanup
select
__WSAFDIsSet
connect
htons
send
recv
ntohl
inet_addr
gethostbyname
socket
WSAGetLastError
ioctlsocket

msvcrt

_strupr
_strdup
_strnicmp
_controlfp
_except_handler3
__set_app_type
_stricmp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
srand
_splitpath
time
printf
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
rand
atoi
strncmp
isdigit
isalpha
free
strchr
sprintf

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeda826ca7119e4fa920429a6bb71c93

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

wininet

ws2_32

msvcrt

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 872B

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 872B