Static task: static1
Behavioral task: behavioral1
Sample: 228214090b804a88abe2ffb11cbdd0a2_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 228214090b804a88abe2ffb11cbdd0a2_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 228214090b804a88abe2ffb11cbdd0a2_JaffaCakes118
Size: 32KB
MD5: 228214090b804a88abe2ffb11cbdd0a2
SHA1: d71597eee9e5609328e58fd5eca8a1dfc9ef8cad
SHA256: c4cfbe20fd234c976adde325f453f0314fb302af95980ba9ea30ff8a3e6781c4
SHA512: 21a87091c03f0fe601762b8adacb57ac14cb45131016841251c1b6f39c37bb5423a68f4842d47b41888f7052cf3a44b442f444a23447c95f0e59b882bdccdd72
SSDEEP: 384:gHb9/NIAtzFriayYwgFJ9z+baTwYYNfaY2uYDUQZcQ/bTAPc0LfkvE1qx6Z3rI/J:gHb5tzWqXJ+WcLVMDZcQXAxN1TCoq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 228214090b804a88abe2ffb11cbdd0a2_JaffaCakes118
Files
228214090b804a88abe2ffb11cbdd0a2_JaffaCakes118.exe windows:1 windows x86 arch:x86
cb565d9f88e3599bd889da23037f2a2f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
FindFirstFileA
GetCurrentDirectoryA
SetFilePointer
WideCharToMultiByte
WriteConsoleA
ExitProcess
CopyFileA
GetModuleHandleA
GlobalAlloc
WriteFile
CreateDirectoryA
SetFileAttributesA
DeleteFileA
CreateFileA
GetSystemDirectoryA
GetProcAddress
FindNextFileA
GlobalFindAtomA
RemoveDirectoryA
Sleep
lstrcmpA
SetCurrentDirectoryA
GlobalFree
LoadLibraryA
GetModuleFileNameA
GetWindowsDirectoryA
lstrlenA
GetLogicalDriveStringsA
GetFileSize
ReadFile
CreateThread
GlobalAddAtomA
CloseHandle
GetStdHandle
WritePrivateProfileStringA
lstrcpyA
lstrcatA
advapi32
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
wsock32
inet_addr
htons
gethostname
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
WSACleanup
socket
setsockopt
send
gethostbyname
select
recv
listen
inet_ntoa
wininet
InternetOpenUrlA
FtpPutFileA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetGetConnectedState
user32
TranslateMessage
ToAsciiEx
SetWindowsHookExA
SetKeyboardState
SetClipboardViewer
SendMessageA
PeekMessageA
OpenClipboard
GetWindowThreadProcessId
GetMessageA
GetKeyboardState
GetKeyboardLayout
GetKeyNameTextA
GetForegroundWindow
GetFocus
GetClipboardData
DispatchMessageA
DefWindowProcA
CreateWindowExA
CloseClipboard
GetWindowTextA
CallNextHookEx
RegisterClassA
gdi32
SelectObject
GetDeviceCaps
GetDIBColorTable
DeleteObject
DeleteDC
CreateDIBSection
CreateDCA
CreateCompatibleDC
BitBlt
Sections
CODE Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ