JaffaCakes118_6c0d49ae62fcae54b6a55ed54e2c4ab0

General

Target

JaffaCakes118_6c0d49ae62fcae54b6a55ed54e2c4ab0
Size

740KB
MD5

6c0d49ae62fcae54b6a55ed54e2c4ab0
SHA1

f3bf56d0e7c73e9930c8743e6a47c042f8eeeb6e
SHA256

8de785743381674a4212b91fcb1a876dbf6c830beb2e424d29729675aab60b43
SHA512

f865e0be6c3d3d0813775ebf59d25065c2cdb87368ed5283bc7e1a8cd0b24f9e0fde10af6d37822fa3a5ad10cced2233de6c26f9ae41b23fa1b5500a420f6834
SSDEEP

12288:Nori4cphZvBNJJGdwOl/EmOWbHVztBSlgG/2jKHvJnzAzdjW8pCKkL3:Mi4cTZvBNidzSoVti+jKP5Azda8pCKkL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6c0d49ae62fcae54b6a55ed54e2c4ab0

Files

JaffaCakes118_6c0d49ae62fcae54b6a55ed54e2c4ab0
.exe windows:4 windows x86 arch:x86

64ca1b8c04c9ee72121c1071c9d32c42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GlobalGetAtomNameA
GetModuleFileNameW
FreeLibrary
GetProcAddress
WritePrivateProfileStringW
lstrlenW
GlobalSize
LockResource
LoadLibraryW
MultiByteToWideChar
DeleteCriticalSection
Sleep
GetModuleHandleW
EnumResourceTypesA
InitializeCriticalSection
LoadResource
GetVersionExA
GetPrivateProfileStringW
GetVersionExW
FindFirstFileW
GetCPInfo
MulDiv
GetPrivateProfileIntW
LoadLibraryA
GetTickCount
GetLocaleInfoW

wininet

InternetConnectA
InternetErrorDlg
InternetReadFile
HttpOpenRequestA
InternetCrackUrlA
HttpQueryInfoA
InternetCloseHandle
InternetTimeToSystemTime
HttpSendRequestA
InternetOpenA
InternetTimeFromSystemTime

shell32

DllGetVersion
SHGetFolderPathW
SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteW
ShellExecuteExW
SHFileOperationW
CommandLineToArgvW
ShellExecuteExA
Shell_NotifyIconA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 572KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

64ca1b8c04c9ee72121c1071c9d32c42

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 1KB - Virtual size: 397KB

.data Size: 77KB - Virtual size: 76KB

.rsrc Size: 572KB - Virtual size: 2.3MB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 1KB - Virtual size: 397KB

.data
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 572KB - Virtual size: 2.3MB