56ad6d0a16a99127f761483255f673ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56ad6d0a16a99127f761483255f673ff_JaffaCakes118
Size

154KB
MD5

56ad6d0a16a99127f761483255f673ff
SHA1

52a7e1e8a54c5734d5184dd6f238537b1618d20d
SHA256

ddf61281568c9d1f2026257fc8d011a4e803b42193087be55804130a3b98b25c
SHA512

d6c50e4a2db74342334392bda39976dff12b9ad68c9707c3d35e887f27210656431d9a54d0b32084d49ff330b25823f9d33185a1a5e0d17b37db58a85c09fd2a
SSDEEP

3072:1t6pTDVWyiXMjle6L/URBNkb5w1pT+Yp+RJo/cjpxCdkQJbeEWxsLQp:YEyjc6bCPV3T+vRucjpoFSEbLQp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56ad6d0a16a99127f761483255f673ff_JaffaCakes118

Files

56ad6d0a16a99127f761483255f673ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

488eea61465f89198e617faeaafcf20f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
EnterCriticalSection
EnumResourceLanguagesA
ExitProcess
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
UnmapViewOfFile
lstrcmpA
lstrlenA

user32

MessageBoxA
MessageBoxIndirectA
EmptyClipboard
DefDlgProcA

advapi32

RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA

ole32

CoUninitialize
OleInitialize
OleUninitialize
WriteFmtUserTypeStg
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoGetClassObject
CoInitialize

wininet

InternetSetFilePointer
InternetSetOptionExA
InternetWriteFile
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetReadFile

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHGetPathFromIDListA
SHBindToParent

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

488eea61465f89198e617faeaafcf20f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

Sections

.text Size: 15KB - Virtual size: 16KB

.rdata Size: 27KB - Virtual size: 28KB

.data Size: 93KB - Virtual size: 96KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 16KB

.text
Size: 15KB - Virtual size: 16KB

.rdata
Size: 27KB - Virtual size: 28KB

.data
Size: 93KB - Virtual size: 96KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB