JaffaCakes118_b6d64cb1447b5c2c221bf6aa3cb61d24

General

Target

JaffaCakes118_b6d64cb1447b5c2c221bf6aa3cb61d24
Size

165KB
MD5

b6d64cb1447b5c2c221bf6aa3cb61d24
SHA1

5658f8596baa65cfc2dff4a942e3b3928f09ee00
SHA256

2d58034aa7885c956b4d460b59979ecb74e0e4b3f4690b8b2dbb5dfa5c855293
SHA512

0cc1939441e298aae4f4bd2daa2c992223e2d69a7889304c7dc3fb81423826917b5e01a759034bb337c11ef94ceb2fab1ec543acf4405cc0f0c53ad5bfbb170f
SSDEEP

3072:rDSbSLmyts3JgpAOV2E/RhNpgULX8LHodser6D8g8tFlr7pJa8ihWIpRq5M:nkSLmytGJ+VX/lpgUILIdX6P8J5Ja8I1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b6d64cb1447b5c2c221bf6aa3cb61d24

Files

JaffaCakes118_b6d64cb1447b5c2c221bf6aa3cb61d24
.exe windows:4 windows x86 arch:x86

e4814b91884ad39d7b86362eb5b5c7ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GlobalGetAtomNameA
LoadLibraryW
GetCurrentDirectoryW
WaitForSingleObject
LockResource
FindFirstFileW
GetModuleFileNameW
GetPrivateProfileIntW
FindNextChangeNotification
FindCloseChangeNotification
GetProcAddress
GetVersionExA
MultiByteToWideChar
CloseHandle
LoadResource
EnumResourceTypesW
GetTickCount
GlobalLock
GlobalUnlock
MulDiv
GetVersionExW
WritePrivateProfileStringW
GetPrivateProfileStringW
FindResourceW
IsDBCSLeadByte
Sleep
GlobalAlloc
FreeLibrary
InitializeCriticalSection
FindFirstChangeNotificationW
lstrlenW
FindClose
GlobalSize
GetModuleHandleW
LoadLibraryA
GetLocaleInfoW

wininet

InternetTimeToSystemTime
HttpQueryInfoA
InternetCloseHandle
InternetCrackUrlA
InternetErrorDlg
HttpSendRequestA
InternetOpenA
InternetReadFile
HttpOpenRequestA
InternetConnectA
InternetTimeFromSystemTime

shell32

SHGetImageList
ShellExecuteW
SHFileOperationW
SHGetFolderPathW
CommandLineToArgvW
SHBrowseForFolderA
ShellExecuteExW
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteExA
Shell_NotifyIconA

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4814b91884ad39d7b86362eb5b5c7ec

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 2KB - Virtual size: 401KB

.data Size: 83KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 2KB - Virtual size: 401KB

.data
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB