333e8de712990f7f939c0e0a5bd804ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

333e8de712990f7f939c0e0a5bd804ea_JaffaCakes118
Size

160KB
MD5

333e8de712990f7f939c0e0a5bd804ea
SHA1

b4a38ecb202bef18f0358c9c82d8141fa0b72cfa
SHA256

832508ca2dd4d2d10ca962a878566798eeafa4a14ffccbbf5c2dcbcaed08270a
SHA512

747b8d6c102b9b14c94127f65c47fc40b15615a0fd8b25fb6cd79c53d93cb57a5d9167a42fc8b97ed4198cd11b143b93d771948f29e14cc58ec12cb6ba5721a0
SSDEEP

1536:FUwXUtti+zIgGe9rKysYaDJ3HuhJ2F9WKRIoRbQ11v:Cti+DGe9rrsYaD9JVIoRk1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
333e8de712990f7f939c0e0a5bd804ea_JaffaCakes118

Files

333e8de712990f7f939c0e0a5bd804ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e20ea8d85d23d6a32715586413b9e604

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
CreateThread
GetUserDefaultLangID
GetSystemDefaultLangID
WaitForSingleObject
GetCurrentDirectoryA
WinExec
Sleep
GetLastError
GetStdHandle
WriteFile
SetStdHandle
SetConsoleCtrlHandler
RtlUnwind
GetEnvironmentStringsW
WriteConsoleA
CreateFileA
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
ReadFile
CloseHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetFilePointer
ExitProcess
TerminateProcess
GetCurrentProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
DebugBreak
GetEnvironmentStrings
MultiByteToWideChar
InterlockedDecrement
CreateProcessA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
HeapAlloc
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte
HeapDestroy
LCMapStringA
LCMapStringW
VirtualFree
HeapReAlloc
HeapFree
HeapCreate
FreeEnvironmentStringsA
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW

user32

WindowFromPoint
FindWindowA
PostMessageA
GetDlgItem
FindWindowExA
SendMessageA

ws2_32

inet_ntoa
WSAStartup
WSACleanup
socket
bind
listen
accept
recv
send
WSASocketA
inet_addr
htons
gethostbyname
connect

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e20ea8d85d23d6a32715586413b9e604

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB