1c255b01fda31b2ef80b06efb800da9e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c255b01fda31b2ef80b06efb800da9e_JaffaCakes118
Size

76KB
MD5

1c255b01fda31b2ef80b06efb800da9e
SHA1

a0f0f95a311faa67c6ad6609045cdfddfadf82c2
SHA256

c5a09f69d7bda4842f04c2fad5f0a43149d5cf0cc8b90b4d74f66561fae5d9ea
SHA512

7c6048a3834c625a89917ccc71b8e5188e41b13c249736164bea499a74d99e59e70ad7e7dc95e31c8f7467ca62019d508b732d04d154bcd6539d42a4936e2a4f
SSDEEP

768:cO/LVrWPF8/saZFe/iMgEAEq/Qojhbj23FTx/OWM/xBigG1SwUPbokCcj:JDVoSs/iMg3QojF23FlPMmN1Swyoktj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c255b01fda31b2ef80b06efb800da9e_JaffaCakes118

Files

1c255b01fda31b2ef80b06efb800da9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a7d5cc0ce3d534e5c837c3474af8333

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GlobalMemoryStatus
GetDiskFreeSpaceA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
ReadFile
IsBadCodePtr
CreateThread
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
ResumeThread
GlobalFree
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GetCurrentProcess
IsBadReadPtr
GetLastError
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
HeapFree
RaiseException
RtlUnwind
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
MultiByteToWideChar

user32

SetForegroundWindow
MessageBoxA
SendDlgItemMessageA
SetDlgItemTextA
wsprintfA
SetFocus
GetDlgItem
SetWindowPos
GetSystemMetrics
SendMessageA
LoadIconA
SetTimer
GetDlgItemTextA
EndDialog
KillTimer
TrackPopupMenu
GetSubMenu
GetCursorPos
GetSystemMenu
LoadMenuA
ExitWindowsEx
DialogBoxParamA
ShowWindow

advapi32

RegCreateKeyExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegQueryValueExA

shell32

Shell_NotifyIconA

ws2_32

WSAWaitForMultipleEvents
WSACleanup
closesocket
recv
send
connect
inet_addr
htons
socket
accept
WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent
listen
bind
inet_ntoa
gethostbyname
gethostname
WSAStartup

psapi

GetProcessMemoryInfo

iphlpapi

SendARP
GetAdaptersInfo
GetIpStatistics

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a7d5cc0ce3d534e5c837c3474af8333

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

psapi

iphlpapi

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 12KB - Virtual size: 8KB