JaffaCakes118_5cd508cb8ee5797f23c46f9da1aa8413

General

Target

JaffaCakes118_5cd508cb8ee5797f23c46f9da1aa8413
Size

275KB
MD5

5cd508cb8ee5797f23c46f9da1aa8413
SHA1

7ec0610727ea741e9d2220a569475902add3081c
SHA256

1a4bcc2f1c656805ee2fd5dc76e9d5a553e2f6fe1668ba4f9b0a381dd221d162
SHA512

4b027270bcc92c6ba79e489b38432dd05b8f64ed55f065db961424f670fc9205d1e421397478947667fcd7725cd05bea026249582a2555b2fc91604b25811dbd
SSDEEP

6144:+2ShGGlm5OknD69IpLyZfKr7/xDPnzENB/Duo8q00j5D3:uZm5OWIg0fwZbENB7N8q0093

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5cd508cb8ee5797f23c46f9da1aa8413

Files

JaffaCakes118_5cd508cb8ee5797f23c46f9da1aa8413
.exe windows:4 windows x86 arch:x86

b9672a12c8bb9ea251b9ea96df92c09b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GlobalLock
GlobalGetAtomNameA
FindClose
lstrlenW
MulDiv
FreeLibrary
LockResource
GlobalAlloc
DeleteCriticalSection
Sleep
LoadLibraryW
GetModuleFileNameW
FindResourceW
GetPrivateProfileStringW
LoadLibraryA
GetPrivateProfileIntW
GetVersionExW
GetModuleHandleW
GlobalUnlock
GetTickCount
FindNextChangeNotification
EnumResourceTypesW
GetCurrentDirectoryW
FindFirstChangeNotificationW
GlobalSize
WaitForSingleObject
IsDBCSLeadByte
FindFirstFileW
InitializeCriticalSection
WritePrivateProfileStringW
GetProcAddress
LoadResource
CloseHandle
MultiByteToWideChar
FindCloseChangeNotification
GetLocaleInfoW

shell32

SHGetImageList
SHBrowseForFolderA
ShellExecuteW
SHGetPathFromIDListA
SHGetFolderPathW
SHGetFileInfoA
CommandLineToArgvW
ShellExecuteExA
ShellExecuteExW
SHFileOperationW
Shell_NotifyIconA

wininet

InternetTimeToSystemTime
InternetErrorDlg
InternetCloseHandle
InternetOpenA
InternetCrackUrlA
HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetTimeFromSystemTime

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9672a12c8bb9ea251b9ea96df92c09b

Headers

File Characteristics

Imports

kernel32

shell32

wininet

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 2KB - Virtual size: 137KB

.data Size: 149KB - Virtual size: 148KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 2KB - Virtual size: 137KB

.data
Size: 149KB - Virtual size: 148KB

.rsrc
Size: 512B - Virtual size: 4KB