299b7dc666e7ca284fc7b8f47b99fb7d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

299b7dc666e7ca284fc7b8f47b99fb7d_JaffaCakes118
Size

910KB
MD5

299b7dc666e7ca284fc7b8f47b99fb7d
SHA1

917b6a0c58ecf82aa29cfc8c126315acb009fa56
SHA256

1086882f280233251a6c745d001199ea1fe7efbdf8d63ab5495d2b264d1b5660
SHA512

329dd17ea84331f68f13aabbfd9dbc55324fe18e0a7a2e5d8c66d63424b4903a9bd5672131fb8579f48cad8a1573172a5569b0cfbbbadcd7fe50e835d8bb4a8c
SSDEEP

12288:P7U7JPaKRzfBwNP5R4vlN4oI4s7IN09HMulJE2HawRGGXZdzIXuzWP4c7waqLGQG:ACKR/fFs7IN0NMnV6XEX+oBw3KUhs/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299b7dc666e7ca284fc7b8f47b99fb7d_JaffaCakes118

Files

299b7dc666e7ca284fc7b8f47b99fb7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13d519be3aace2919f5c3163dfe6e504

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetImageCount
CreateStatusWindowW
ImageList_GetBkColor
ImageList_Merge

ws2_32

htonl
WSAGetLastError
WSAConnect
WSACleanup
WSAGetServiceClassNameByClassIdW
WSALookupServiceBeginA
WSAResetEvent
WSAGetServiceClassInfoW
WSACancelAsyncRequest
WSASendDisconnect

kernel32

_lopen
OutputDebugStringW
SetConsoleOutputCP
ConnectNamedPipe
GetCompressedFileSizeW
EndUpdateResourceA
GetThreadContext
ExitProcess
DuplicateHandle
GetLogicalDriveStringsA
VirtualLock
GetDriveTypeA
CreateWaitableTimerA
EnumCalendarInfoW
GetCPInfo
SearchPathW
GetEnvironmentStringsW
MoveFileExA
PulseEvent
SetCurrentDirectoryA
VirtualAllocEx
WritePrivateProfileStructA
lstrcmpA
GetLongPathNameA
SetConsoleWindowInfo
IsValidLocale
WriteConsoleOutputCharacterA
GenerateConsoleCtrlEvent
GetAtomNameA
OpenSemaphoreW
SetFileAttributesA
GetProcessTimes
SwitchToFiber
GlobalAddAtomA

user32

IsDialogMessageW
EnumWindowStationsA
ChangeClipboardChain
SetMenuItemInfoW
GetScrollPos
SetCursorPos
GetKeyNameTextW
GetPropW
CloseDesktop
GetDialogBaseUnits
GetMessageExtraInfo
CreateDesktopA
GetCaretPos
CallWindowProcW
GetActiveWindow
SetMessageQueue
FrameRect
FindWindowW
OemToCharBuffW
IsWindowEnabled
GetTitleBarInfo

gdi32

UnrealizeObject
SelectClipPath

msvcrt

_get_osfhandle
_tempnam
_spawnlp
_chdrive
remove
setbuf
_stat
memmove
mktime
_wspawnvp
realloc
_wpopen
_wputenv

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 593KB - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13d519be3aace2919f5c3163dfe6e504

Headers

File Characteristics

Imports

comctl32

ws2_32

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 593KB - Virtual size: 593KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 593KB - Virtual size: 593KB

.rsrc
Size: 17KB - Virtual size: 16KB