18372cbd5a5a3a18f63ac4dde954bd89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18372cbd5a5a3a18f63ac4dde954bd89_JaffaCakes118
Size

36KB
MD5

18372cbd5a5a3a18f63ac4dde954bd89
SHA1

be464b87629e1dc21dfcbd2a2e10c08c5a098905
SHA256

a5704ac43c101671490c4c7c279e3485ce9778247faf3dee004cb5831b063f36
SHA512

90aa6fe61409bbf613d650440fc9f6e37c702757b85a00daa7abfa11b8ddab56adddf6406e9d86d274ed3a3e2a0db03bb9f7d624abb38d244c60994e62331aaa
SSDEEP

384:BoRz7OdJb7cDZDj/9IvfMnJvlN9u4vhL3C/HqUzvHTeWHb4JlckRIRRmFjfWaSl1:wPOfb7cDlOi9uehL3CPtzP7fD7SR0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18372cbd5a5a3a18f63ac4dde954bd89_JaffaCakes118

Files

18372cbd5a5a3a18f63ac4dde954bd89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56cfe3c3f80ef003a41be33e62670d14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControlsEx

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

ws2_32

WSAAsyncSelect
WSACleanup
WSAConnect
WSASocketA
WSAStartup
closesocket
gethostbyname
htons
recv
send

gdi32

CreateFontA
CreateSolidBrush
GetDeviceCaps
SetBkColor
SetTextColor

kernel32

AddAtomA
CloseHandle
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindAtomA
GetAtomNameA
GetConsoleWindow
GetCurrentProcess
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
MulDiv
OpenMutexA
OpenProcess
ReadProcessMemory
SetUnhandledExceptionFilter
Sleep

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_beginthread
_cexit
_endthread
_iob
_onexit
_setmode
_snprintf
_vsnprintf
abort
atexit
free
malloc
memcpy
memset
printf
rand
signal
srand
strcat
strcpy
strlen
strncmp
system
time

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetAsyncKeyState
GetDC
GetDesktopWindow
GetDlgItem
GetForegroundWindow
GetKeyState
GetMessageA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
PostQuitMessage
RegisterClassExA
ReleaseDC
SendMessageA
ShowWindow
TranslateMessage

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

56cfe3c3f80ef003a41be33e62670d14

Headers

File Characteristics

Imports

comctl32

psapi

ws2_32

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 832B

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 832B