0d2506e0bb99b9dff0cf153d40d6771d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d2506e0bb99b9dff0cf153d40d6771d_JaffaCakes118
Size

169KB
MD5

0d2506e0bb99b9dff0cf153d40d6771d
SHA1

83f9b9b35a9ccf55fc62d6ede75a8ae02db24791
SHA256

88adfa921e3e1a041d81cb222a08dccc174618385f94a6c99d02733f801a1a2b
SHA512

9b0d1728974097fb9da9357cb841025c1dda219cb44e4de84c45fdd01cc8dbb3118d227cabe43bf3c3425c0fa692e90b1a95c2b0f81a592608485a72e64b7f4f
SSDEEP

3072:72bluW/OfP4WvKPfc/c4rlFaJJt3ZS8FDSwaq6X2MrrYfotqT:Cp6P4eqsa5JBSwS2g8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d2506e0bb99b9dff0cf153d40d6771d_JaffaCakes118

Files

0d2506e0bb99b9dff0cf153d40d6771d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee857ee1beba96c4564cb25923d4f74e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetProcessHeap
VirtualAlloc
LocalAlloc
GetCommandLineA
GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
GetOEMCP
GetACP
GetCPInfo
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
HeapAlloc
CreateFileA
ReadFile
CloseHandle
AllocConsole
InitializeCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA

user32

GetMenuItemID
SetCapture
MapDialogRect
LoadImageA
DestroyWindow
OffsetRect
SendDlgItemMessageW
EndDialog
CheckRadioButton
OpenClipboard
EmptyClipboard
SetClipboardData
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetClassNameA
IsWindowEnabled
SetFocus
SetTimer
KillTimer
LoadIconW
MessageBoxW
SetPropA
GetSystemMenu
GetMenuItemCount
CloseClipboard
RemoveMenu
UnhookWindowsHookEx
CreateDialogIndirectParamW
GetWindowTextW
DialogBoxIndirectParamW
GetScrollInfo
ReleaseCapture

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegCloseKey

ole32

CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize
CoRegisterClassObject

ws2_32

WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAAddressToStringA
WSAStartup
socket
WSACleanup
send
getprotobynumber
getservbyname
getservbyport
setsockopt

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee857ee1beba96c4564cb25923d4f74e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 57KB - Virtual size: 107KB

.idata Size: 4KB - Virtual size: 3KB

.shared Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 57KB - Virtual size: 107KB

.idata
Size: 4KB - Virtual size: 3KB

.shared
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB