fa894f9db5d151bff25b4dd1da0a20b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa894f9db5d151bff25b4dd1da0a20b2_JaffaCakes118
Size

29KB
MD5

fa894f9db5d151bff25b4dd1da0a20b2
SHA1

d89f2dcaae2a3f63772782a0523b9d905c5f8b04
SHA256

36b37631977a476bf42b8fa328ec09ded41b7db69b2a82926c0515d8d89c2c96
SHA512

6d7861835b2bc13362b582bb5c0a07c92c2cebab757332534f1bf5c93f207ee0c6d66301879f7e3ede4dea8f7081a18d9bf552d761380a6620d1c850d085d5f4
SSDEEP

384:Nzmz9FMx993AX6L6n9RUIpSsh5E0AVoSllTh795JUzaVQyQo1m2ggvWyKul7BI8g:AzfMx9J26wUIpm0A17RHUzC1m00P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa894f9db5d151bff25b4dd1da0a20b2_JaffaCakes118

Files

fa894f9db5d151bff25b4dd1da0a20b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e84d32f64f516ff11e408b3c8c9b1f35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

user32

wsprintfA
FindWindowExA
SendMessageA
IsWindow
FindWindowA
GetMenu
GetWindowTextA
SwitchToThisWindow
BlockInput
keybd_event
SetForegroundWindow
SetFocus
ShowWindow
VkKeyScanA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
VariantInit

ws2_32

closesocket
socket
ioctlsocket
connect

msvcrt

malloc
strncpy
strcmp
__CxxFrameHandler
_EH_prolog
atoi
strlen
strcpy
rand
strchr
_vsnprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
srand
_snprintf
strtok
memcmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
memset
free
sprintf
strcat
strstr
_except_handler3
memcpy

kernel32

GetStartupInfoA
MultiByteToWideChar
GetFileAttributesA
GetLogicalDriveStringsA
lstrcatA
CreateDirectoryA
SetFileAttributesA
CopyFileA
CreateMutexA
ReleaseMutex
GetModuleFileNameA
GetDriveTypeA
GetCurrentProcess
ExpandEnvironmentStringsA
TerminateThread
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoA
lstrcmpiA
CreateThread
GetTempPathA
LoadLibraryA
lstrlenA
lstrcpyA
lstrcmpA
lstrcpynA
CreateFileA
ExitThread
GetTickCount
WriteFile
CloseHandle
CreateProcessA
WaitForSingleObject
Sleep
ExitProcess
GetModuleHandleA
GetLastError
GetProcAddress

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e84d32f64f516ff11e408b3c8c9b1f35

Headers

File Characteristics

Imports

advapi32

shell32

user32

ole32

oleaut32

ws2_32

msvcrt

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 274KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 274KB

.rsrc
Size: 512B - Virtual size: 16B