0ff44ff1f221409b9b319d98be61c24e_JaffaCakes118

General

Target

0ff44ff1f221409b9b319d98be61c24e_JaffaCakes118
Size

3.7MB
MD5

0ff44ff1f221409b9b319d98be61c24e
SHA1

e8e2e6fb68f8f1f2c28e7583c52ce3fdd4a43ad3
SHA256

344f8b3d41933e63bdb4f997897c16fdceb6c5b4a4053d01750697dbd145389d
SHA512

38a8a1479fe5a3262b5eb6fc1a64fc9bb0d2bf86956a89e576c4e7087f2f8d2b67baa86b9d750351de633d0f266fa69cdafb7d7fc6accb922f8f288a19bb23cc
SSDEEP

98304:w5r1CPoVk9FOnGz5uHXp7SBfTXnAZdDFQSPl4Ja0jNQ55MW:w5r1Jk9YngeXFCfTXnyqJvjNQ52W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ff44ff1f221409b9b319d98be61c24e_JaffaCakes118

Files

0ff44ff1f221409b9b319d98be61c24e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4a55314ff9e816ac028a744ef960b2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSADuplicateSocketW
WSAResetEvent
WSAAddressToStringW
WSASetEvent
recvfrom
WSASendDisconnect

user32

GetKeyNameTextW
ChangeClipboardChain
SetPropW
GrayStringW
ClipCursor
HideCaret
ClientToScreen
ChangeDisplaySettingsW
LoadCursorA
DispatchMessageA
IntersectRect
InvalidateRgn
InsertMenuItemW
RemoveMenu
DrawMenuBar
SetCaretPos
InflateRect
GetShellWindow
GetWindowWord
SetMenu
TrackPopupMenu
SetFocus
GetKeyboardLayout
UnhookWindowsHook
PtInRect
SetMenuDefaultItem
CheckMenuRadioItem
DrawTextA
TranslateAcceleratorA
CreateDesktopW
SubtractRect

comdlg32

GetOpenFileNameA
ChooseFontW

kernel32

EnumResourceNamesA
ReadConsoleInputW
IsValidLocale
GetPrivateProfileStringA
GetTempPathW
GetLocaleInfoW
SetConsoleOutputCP
WritePrivateProfileSectionW
GetDriveTypeW
ExitProcess
GetPrivateProfileStringW
IsBadStringPtrA

oleaut32

VariantCopy
QueryPathOfRegTypeLi
LoadTypeLibEx
SafeArrayCreate
SysStringLen

msvcrt

_flushall
iswalnum
_makepath
_wchmod
_memicmp
atof
_mbctolower
_mbsicmp
_strnicmp
_itoa
signal

Sections

.text
Size: 5KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4a55314ff9e816ac028a744ef960b2c

Headers

File Characteristics

Imports

ws2_32

user32

comdlg32

kernel32

oleaut32

msvcrt

Sections

.text Size: 5KB - Virtual size: 223KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 5KB - Virtual size: 223KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 19KB - Virtual size: 18KB