2e0cd3d41c8717ff4f70d6844b444488_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e0cd3d41c8717ff4f70d6844b444488_JaffaCakes118
Size

152KB
MD5

2e0cd3d41c8717ff4f70d6844b444488
SHA1

c982038b5792dfd41980db470814f64d0de0a186
SHA256

da9b72375380c6bd402e62db32ec8c103e39cc05c34abb32eee03c9690fc2645
SHA512

94de283f65c4599d800aa1470258ecbcc40afdba9d9506b5bbfdf745cb08263de6457332beb8ad88e6f4abff34397405b027ea058b6dc9f14ef8240b54c049ab
SSDEEP

1536:TrlTtxMb7jghnyZpMB7/bHY9goj0ISDgg:Tr5Hw7chnSp4HCg4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e0cd3d41c8717ff4f70d6844b444488_JaffaCakes118

Files

2e0cd3d41c8717ff4f70d6844b444488_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90d6c7fac705285ce4bf38d05e52af0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LocalFree
CloseHandle
FormatMessageA
FindNextFileA
GetDateFormatA
FileTimeToSystemTime
FindClose
FindFirstFileA
ReadFile
GetCurrentDirectoryA
GetModuleFileNameA
GetModuleHandleA
SetCurrentDirectoryA
SetLastError
WriteFile
lstrcmpiA
CreateFileA
GetLastError
lstrcmpA
FileTimeToLocalFileTime
lstrlenA
GetACP
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
LoadLibraryA
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetStringTypeA
GetStringTypeW
CompareStringA
LCMapStringW
CompareStringW
lstrcpyA
GetFileSize
SetEnvironmentVariableA
GetProcAddress
GetDriveTypeA
GetFullPathNameA
GetCPInfo
LCMapStringA
HeapReAlloc

user32

EnableWindow
GetDlgItem
SetWindowTextA
wsprintfA
GetWindowTextA
PostMessageA
DefWindowProcA
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
RegisterClassA
UnregisterClassA
WinHelpA
DestroyIcon
LoadIconA
SetClassLongA
SendMessageA
ShowWindow
CreateDialogParamA
CreateWindowExA
MessageBoxA
GetWindowLongA
DialogBoxParamA
SendDlgItemMessageA
EndDialog
wvsprintfA
SetDlgItemTextA
GetDC
ReleaseDC
DestroyWindow
KillTimer
GetParent
GetWindowRect
SetWindowPos
SetTimer

gdi32

LPtoDP
GetTextExtentPoint32A

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

wsock32

recvfrom
WSACleanup
WSAStartup
ioctlsocket
closesocket
gethostname
WSAAsyncGetHostByName
WSAAsyncSelect
socket
bind
connect
send
recv
htons
ntohs
inet_addr
WSAGetLastError

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90d6c7fac705285ce4bf38d05e52af0e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wsock32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 100KB - Virtual size: 100KB