ec26b2ea377fceafb3ff86d50a62d15b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec26b2ea377fceafb3ff86d50a62d15b_JaffaCakes118
Size

157KB
MD5

ec26b2ea377fceafb3ff86d50a62d15b
SHA1

3474ae05c3bd926eed1fb9ee95bb3ae0f17b5efd
SHA256

79e8afa6eb86ae553c59475692e847ddb4df6f6ee45fa126246308d7d0ecaec7
SHA512

475fce222b5a2a13d29491a862491443c5335af4c6082aeaea103161462217ac358f9dde78d1e0d2e1e6b8c798613ca10b9a6ab0b0386c4286e3c2ffa3f04ed0
SSDEEP

3072:rITLDcUjhVPtYjsMfuFisI4o8nnecq6U3SKbX:M3DcUjhtCZWFXbPqdSK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec26b2ea377fceafb3ff86d50a62d15b_JaffaCakes118

Files

ec26b2ea377fceafb3ff86d50a62d15b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f6ecbd09d4da9256a8221a2d90ebf22a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateFileA
EnterCriticalSection
ExitProcess
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LocalAlloc
LocalFree
MultiByteToWideChar
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
_lclose
_llseek
_lopen
_lread
lstrcatA
lstrlenA

wsock32

WSAStartup
closesocket
connect
gethostbyname
htons
recv
send
socket

comdlg32

GetOpenFileNameA

gdi32

BitBlt
CreateCompatibleDC
CreatePatternBrush
DeleteDC
DeleteObject
GetObjectA
GetStockObject
SelectObject
SetBkMode
SetTextColor
TextOutA

user32

CharLowerBuffA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumThreadWindows
GetDC
GetMessageA
GetWindowRect
GetWindowTextA
LoadBitmapA
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
PostQuitMessage
RegisterClassExA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
UpdateWindow

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6ecbd09d4da9256a8221a2d90ebf22a

Headers

File Characteristics

Imports

kernel32

wsock32

comdlg32

gdi32

user32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 48KB

.data Size: 11KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 82KB - Virtual size: 84KB

.reloc Size: 12KB - Virtual size: 32KB

.text
Size: 46KB - Virtual size: 48KB

.data
Size: 11KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 82KB - Virtual size: 84KB

.reloc
Size: 12KB - Virtual size: 32KB