8505eb83d0bf32a58fe9c59d7e7f3c2d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8505eb83d0bf32a58fe9c59d7e7f3c2d_JaffaCakes118
Size

268KB
MD5

8505eb83d0bf32a58fe9c59d7e7f3c2d
SHA1

4d4424d59aecfddb07effe4ffefd9c9d7f9eeaa1
SHA256

96f875cdd49965cfc53a74a5a9655ba79fe39cfd34668e25ea9fe70f7ab0368d
SHA512

dc8fad8edd3bd95c5272bcf32598af7f9ae36c2d3a2495fde7ca7d2dd75f42c00776026553b6f164f8f423b030b1d7458fe289ad11ad9b483a2ebeb3ca15934c
SSDEEP

3072:JrejsG3uKOPDwrGn7W3vsw34vUUYsCxU7EgK3CBdR5WoxpGwd2yxyfcLoehh2y/e:6sG3uKOPDl7W/j4vUUVjEgnUi2A2yV3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8505eb83d0bf32a58fe9c59d7e7f3c2d_JaffaCakes118

Files

8505eb83d0bf32a58fe9c59d7e7f3c2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae86754bb665b147e706efc531717f79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
htons
WSACleanup
inet_ntoa
gethostname
ntohs
socket
setsockopt
closesocket
sendto
bind
WSAIoctl
recv
inet_addr
gethostbyname
WSAGetLastError

kernel32

SetEndOfFile
GetCPInfo
SetErrorMode
RtlUnwind
RaiseException
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
GetOEMCP
FlushFileBuffers
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
ReadFile
SetFilePointer
WriteFile
CreateFileA
GetCurrentProcess
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
TlsGetValue
GlobalFlags
lstrcpynA
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
LocalAlloc
InitializeCriticalSection
LocalFree
GetVersion
MulDiv
LoadLibraryA
GlobalAddAtomA
lstrcatA
GlobalGetAtomNameA
GetModuleHandleA
GlobalFindAtomA
lstrcpyA
GetProcAddress
InterlockedExchange
SetLastError
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetLastError
GetProfileStringA

user32

GetMenu
GetMenuItemCount
GetSubMenu
RegisterClassA
WinHelpA
GetCapture
GetClassInfoA
GetTopWindow
wsprintfA
CopyRect
ScreenToClient
AdjustWindowRectEx
SetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
GetDC
GetSysColor
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
ReleaseDC
GetMenuItemID
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
EnableWindow
LoadIconA
IsWindow
SetActiveWindow
GetMenuState
LoadBitmapA
SetForegroundWindow
InflateRect
DefDlgProcA
CharNextA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
IsWindowUnicode

gdi32

GetTextExtentPointA
PatBlt
CreateCompatibleDC
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
CreateDIBitmap
BitBlt
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae86754bb665b147e706efc531717f79

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 99KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 99KB

.rsrc
Size: 24KB - Virtual size: 23KB