351adfc69f307c59b5e0ab176110a2cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

351adfc69f307c59b5e0ab176110a2cc_JaffaCakes118
Size

1.6MB
MD5

351adfc69f307c59b5e0ab176110a2cc
SHA1

b824735d53990da2951a01bd23a9e454117b34ec
SHA256

9398a42742cf8e1538455e99341e0458db27c119e4c62a976001b078d0f39335
SHA512

c449fb55c272f0b1ad8aa9020c9faca0715a71ddd9123c0d240a8bfa92688eb121d90eb0f262c90cbfd712a30c2be00dc1aad0d68df9521c1622de59144fe652
SSDEEP

49152:3diH1AnrOZyeds2rnXk7VpA2hKimdgVORNCY5RG:3SAyZhzr4VpAKZmOVOvPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
351adfc69f307c59b5e0ab176110a2cc_JaffaCakes118

Files

351adfc69f307c59b5e0ab176110a2cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfb1759f1e50728715d549141d186d7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAResetEvent
WSADuplicateSocketA
WSAEnumNameSpaceProvidersA
WSASendDisconnect

user32

GetKeyNameTextW
GetClipboardFormatNameW
CharUpperA
GetClassInfoExA
SetWindowsHookW
LoadIconA
CharLowerA
GetClassLongA
SetUserObjectInformationW
SetWindowsHookExA
CharLowerBuffW
GetMessageW
DefMDIChildProcW
GetKeyNameTextA
SetWindowTextW
DefFrameProcW
ChangeDisplaySettingsExA
SendMessageW
SetCursor

ole32

OleFlushClipboard
OleCreateMenuDescriptor

advapi32

RegQueryValueA
GetServiceDisplayNameA
ControlService
GetSecurityDescriptorControl
AddAccessAllowedAce
CryptReleaseContext
OpenEventLogW
EnumDependentServicesW
CryptGenKey
OpenServiceA

version

VerFindFileA
VerInstallFileA
VerQueryValueA

kernel32

EraseTape
GetFileAttributesA
FindNextChangeNotification
GetUserDefaultLCID
IsBadWritePtr
SetThreadLocale
RemoveDirectoryA
AreFileApisANSI
SetErrorMode
FreeLibrary
SetMailslotInfo
EnumSystemCodePagesW
GetPrivateProfileSectionW
WriteProcessMemory
SetThreadAffinityMask
SearchPathW
_llseek
GlobalFindAtomW
VirtualQueryEx
WriteFile
FatalAppExitA
SetFileTime
ScrollConsoleScreenBufferA
VirtualFree
ExpandEnvironmentStringsW
QueryDosDeviceA
WritePrivateProfileSectionA
GlobalDeleteAtom
MoveFileW
GlobalGetAtomNameW
EnumResourceLanguagesW
ExitProcess
SetProcessAffinityMask
FormatMessageW
GetNumberFormatW
GetTapeParameters
DebugBreak
CopyFileExW
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
FillConsoleOutputCharacterA
OutputDebugStringA
ClearCommBreak
SetNamedPipeHandleState
MultiByteToWideChar
GetShortPathNameA
GlobalFree
ReadFileScatter
GetTempFileNameA
RaiseException

comdlg32

CommDlgExtendedError
ChooseFontW

Sections

.text
Size: 2KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfb1759f1e50728715d549141d186d7e

Headers

File Characteristics

Imports

ws2_32

user32

ole32

advapi32

version

kernel32

comdlg32

Sections

.text Size: 2KB - Virtual size: 251KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 251KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 17KB - Virtual size: 16KB