3471d893d0ceefbe40c45f45178fbf66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3471d893d0ceefbe40c45f45178fbf66_JaffaCakes118
Size

77KB
MD5

3471d893d0ceefbe40c45f45178fbf66
SHA1

daa37b49fcf1adbf6caab89bba59eaa7756c9367
SHA256

819c9aa571094ff6e3df105d47f43452083e3cb70fc6f60c2875f8cf2f4893a5
SHA512

ad8d8450646cfb279cf95d1cc39e0f6cc760064f45238663233c23becb8f65308203a071a74167b427451b6585c609799a75014e3180108731dcf9aeb3f7671c
SSDEEP

1536:PJVFUVCp0cAh9YiCDtkT13Aqu80lQexprCJ4YV4P6uWD:/F7p0ttCDwClzrCJ4SD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3471d893d0ceefbe40c45f45178fbf66_JaffaCakes118

Files

3471d893d0ceefbe40c45f45178fbf66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5453c5c26ccbd5a9a4cacadce009de30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
MoveFileExA
GetDateFormatA
FreeResource
FindResourceA
LoadResource
GetVolumeInformationA
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileA
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
RemoveDirectoryW
MoveFileW
FindNextFileW
FindFirstFileW
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
LoadLibraryW
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetWindowsDirectoryW
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentProcessId
GetTickCount
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetSystemInfo
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedDecrement
InterlockedCompareExchange
WaitForMultipleObjects
ResetEvent
CreateDirectoryA
CopyFileA
DeleteFileA
FindFirstChangeNotificationA
GetFileAttributesA
GetStringTypeA
GetTempFileNameA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetProcAddress
ExitProcess
GetVersionExA
GetSystemTimeAsFileTime
GetStartupInfoA

user32

GetWindowTextLengthW
GetDoubleClickTime
SetCursor
IntersectRect
InsertMenuItemA
ClientToScreen
InflateRect
OpenClipboard
DestroyWindow
GetClassNameA
GetAsyncKeyState
GetWindowLongA
GetMessagePos
GetClassInfoExA
FindWindowA
ReleaseDC
GetDC
CreateWindowExA
GetKeyNameTextW
GetWindowTextW
DefWindowProcW
UpdateWindow
GetFocus
SetFocus
EnumChildWindows
SetWindowPos
ValidateRect
InvalidateRect
BeginPaint
MapWindowPoints
DestroyMenu
CloseClipboard
SetClipboardData

gdi32

TextOutA
SetViewportOrgEx
DPtoLP
CreateDCA
GetObjectA
CreatePen
DeleteObject
DeleteDC
SetMapMode
RectVisible

ws2_32

WSAWaitForMultipleEvents
WSASocketA
WSAGetOverlappedResult
WSACreateEvent
WSAConnect
WSACloseEvent
WSACleanup
WSAStartup

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5453c5c26ccbd5a9a4cacadce009de30

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

Sections

.text Size: 50KB - Virtual size: 50KB

.data Size: 24KB - Virtual size: 106KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 50KB - Virtual size: 50KB

.data
Size: 24KB - Virtual size: 106KB

.rsrc
Size: 1KB - Virtual size: 1KB