KeyEvent@12
Static task
static1
Behavioral task
behavioral1
Sample
3585c139e1b76ee1fde9858eeca2ce73_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3585c139e1b76ee1fde9858eeca2ce73_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
3585c139e1b76ee1fde9858eeca2ce73_JaffaCakes118
-
Size
53KB
-
MD5
3585c139e1b76ee1fde9858eeca2ce73
-
SHA1
9ff6baefd186af7eee05ef15baa3c0df3928ef05
-
SHA256
6e8d7c163497143f7940d899d99f0679a8df7bc23a7a56b7448518b5761f38de
-
SHA512
b23e5958b5951f71f807ef7a810221d35c107fcdf5ba183190a24fc14fd6c441f0ade522e7f5401e6087c8ea415b5e8855ebf6af589ac059505a637ee62c6768
-
SSDEEP
768:LR92j0kQuqc6d2hHYUdu7Uwx+c2L3dx5gPYQwUm9O5Y8vN22e5:V0j0ksdK4Udu7UpL3dwzRU+YMN22
Malware Config
Signatures
-
Unsigned PE 1 IoCs
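Checks for a missing Authenticode signature; this sample is unsigned, so its publisher and integrity cannot be verified from the file itself. An absent signature is a weak indicator on its own and should be weighed together with the import table below.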
resource 3585c139e1b76ee1fde9858eeca2ce73_JaffaCakes118
Files
-
3585c139e1b76ee1fde9858eeca2ce73_JaffaCakes118.exe windows:4 windows x86 arch:x86
52ffa5b31bb2c7725dc588ff5d2e8b2b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
GetUserNameA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
kernel32
AddAtomA
BeginUpdateResourceA
CloseHandle
CopyFileA
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
EndUpdateResourceA
ExitProcess
FindAtomA
FindResourceA
GetAtomNameA
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcessId
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryA
GetTempPathA
GetTimeFormatA
GetVersionExA
GetWindowsDirectoryA
LoadResource
LockResource
Module32First
OpenProcess
Process32First
Process32Next
SetCurrentDirectoryA
SetFileAttributesA
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
UpdateResourceA
lstrcatA
lstrcpyA
lstrlenA
msvcrt
_sleep
_strcmpi
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
atoi
ctime
fclose
fflush
fopen
fprintf
fputs
fread
free
fseek
ftell
fwrite
malloc
memcpy
memset
rand
signal
sprintf
strcat
strcmp
strcpy
strncpy
time
shell32
ExtractIconA
ShellExecuteA
Shell_NotifyIconA
user32
CallNextHookEx
CheckMenuItem
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
FindWindowA
FindWindowExA
GetClassNameA
GetCursorPos
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardType
GetMessageA
GetSubMenu
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
LoadCursorA
LoadMenuA
LoadStringA
MessageBoxA
ModifyMenuA
PostQuitMessage
RegisterClassExA
SendMessageA
SetMenuItemInfoA
SetWindowsHookExA
ShowWindow
ToUnicodeEx
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
wsprintfA
ws2_32
WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
recv
send
socket
Exports
Exports
Sections
.text Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 768B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 3KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 73B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ