JaffaCakes118_0548478fc4d1343ef0b9041c01750f77

General

Target

JaffaCakes118_0548478fc4d1343ef0b9041c01750f77
Size

166KB
MD5

0548478fc4d1343ef0b9041c01750f77
SHA1

08bd7502a46567d3cc213f2569cd5b6e79ea9c94
SHA256

205ee3397aaacd58eedf3494f2c3f71007a27888de0d4bd1f718a65d067a980d
SHA512

a227694c956173a78a878ab9c3c619a3ce5ceb146cf7dc6f672def16beede630670c00b756cf03c9dc9e791a14ce845fc6d1293b00b74fe2be8a4c6cd1160393
SSDEEP

3072:nYLcSldf4pukdE3ats+J8vMtDS4AmN0mWotFowQjaxmiKqd1NDfCJyc:nYgS34HdE/+J8vQDWotFvQjaIiKqdrDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0548478fc4d1343ef0b9041c01750f77

Files

JaffaCakes118_0548478fc4d1343ef0b9041c01750f77
.exe windows:4 windows x86 arch:x86

2bd29d02657b8e54014804c8457e7333

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GlobalSize
lstrlenW
FindFirstChangeNotificationW
WaitForSingleObject
LoadLibraryA
FindNextChangeNotification
FindCloseChangeNotification
InitializeCriticalSection
GetCurrentDirectoryW
GetModuleHandleW
LoadResource
LoadLibraryW
GlobalLock
FindClose
FindResourceW
GetVersionExA
DeleteCriticalSection
GetTickCount
EnumResourceTypesW
GetModuleFileNameW
GetPrivateProfileIntW
FindFirstFileW
GetProcAddress
GetVersionExW
CloseHandle
LockResource
WritePrivateProfileStringW
IsDBCSLeadByte
MulDiv
GlobalAlloc
MultiByteToWideChar
GlobalUnlock
FreeLibrary
Sleep
GetPrivateProfileStringW
GetLocaleInfoW

shell32

SHGetImageList
SHBrowseForFolderA
ShellExecuteExA
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHFileOperationW
SHGetFolderPathW
SHGetFileInfoA
SHGetPathFromIDListA
Shell_NotifyIconA

wininet

HttpOpenRequestA
InternetErrorDlg
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetTimeToSystemTime
InternetReadFile
InternetCrackUrlA
InternetConnectA
HttpQueryInfoA
InternetTimeFromSystemTime

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bd29d02657b8e54014804c8457e7333

Headers

File Characteristics

Imports

kernel32

shell32

wininet

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 2KB - Virtual size: 401KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 2KB - Virtual size: 401KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 4KB