1ae1d953fd208a33e209016c2ba16348_JaffaCakes118

General

Target

1ae1d953fd208a33e209016c2ba16348_JaffaCakes118
Size

96KB
MD5

1ae1d953fd208a33e209016c2ba16348
SHA1

41397f48c6d45a4481f717def8f85412451ce449
SHA256

a6d956cac6c3cbe24efd527c334efaceb10a571320c99bee4eecef54ff43f7c3
SHA512

9565fbd0d8b3fb89f59b9cbaebd83562701546424656c750e110783fbddd8fe60b314b0a32c0ad5d484e1a4c3316900f87ff8de7856ba9ada431efc7bfa8878d
SSDEEP

768:mv8ARyN9gbdkcuyb1f0V3pH6nUtaAa4CsKv2VFP4va1H3f85rGvKvrHUMR/XUJII:mv8ARyNg8DCsobf90ItgmuDEGz83U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ae1d953fd208a33e209016c2ba16348_JaffaCakes118

Files

1ae1d953fd208a33e209016c2ba16348_JaffaCakes118
.exe windows:4 windows x86 arch:x86

872a22ef8d482db250bffee4ec12a411

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
free
sprintf
atol
_isctype
memmove
strstr
realloc
_ftol
atoi
strrchr

kernel32

IsBadReadPtr
GetCommandLineA
GetModuleFileNameA
Sleep
TerminateThread
CreateThread
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalSize
HeapFree
lstrcpyn
RtlMoveMemory
LocalAlloc
RtlFillMemory
LocalFree
GetCurrentProcess
ReadProcessMemory
GetModuleHandleA
lstrlenA
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc

user32

PeekMessageA
wsprintfA
MessageBoxA
SetWindowPos
SetWindowRgn
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
EqualRect
IntersectRect
SetWindowLongA
GetWindowLongA
PostQuitMessage
CreateWindowExA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
IsWindow
EnableWindow
UpdateWindow
ShowWindow
IsWindowVisible
GetWindowRect
CallWindowProcA
ReleaseDC
FillRect
GetSysColor
GetDC
DefWindowProcA
TrackMouseEvent
SendMessageA
GetParent
InvalidateRect
EndPaint
BeginPaint
MoveWindow
LoadCursorA
LoadIconA
RegisterClassExA
GetClassInfoExA

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
CreateSolidBrush
StretchBlt
CreatePatternBrush
DeleteObject
SetBkColor
TextOutA
SetTextColor
CreateDIBitmap
CreateRectRgn
GetPixel
CombineRgn
GetObjectA

msimg32

TransparentBlt

ws2_32

inet_ntoa
send
__WSAFDIsSet
select
closesocket
htons
socket
WSAStartup
WSACleanup
shutdown
ioctlsocket
connect
inet_addr
WSAGetLastError
recv
gethostbyname

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

872a22ef8d482db250bffee4ec12a411

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

msimg32

ws2_32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 13KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 13KB