383709cb3885c660314067b7d9543bf3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

383709cb3885c660314067b7d9543bf3_JaffaCakes118
Size

251KB
MD5

383709cb3885c660314067b7d9543bf3
SHA1

0d3f6cc4e3f72f174351fc614ea54025e0715b93
SHA256

5e8bec3c94f5b8dd59824c28dccb4dc3f6b7cdade82160e7d2f6655f8a93628a
SHA512

42a4ff2c262ca601f7862dee8cac91ffb389111aa88a9c6d751721bba74fe80323daa8c84a6c5b2b66275d8ef12ed4136ff2157097a7f1a7327f5a5d55279db7
SSDEEP

6144:TRazhwlUx2EHSgoy+2eOvJWPz1X5TrUM1a:FkSgGOvJ45XVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
383709cb3885c660314067b7d9543bf3_JaffaCakes118

Files

383709cb3885c660314067b7d9543bf3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f03353d3de9c37da8f1c803c77ea65f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

winmm

mciSendStringA

mpr

WNetCancelConnection2A
WNetAddConnection2A

kernel32

DeleteFileA
DuplicateHandle
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDateFormatA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
CloseHandle
GetTickCount
GetTimeFormatA
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatus
LoadLibraryA
CopyFileA
MoveFileA
MultiByteToWideChar
OpenProcess
PeekNamedPipe
CreateDirectoryA
ReadFile
RtlUnwind
CreateFileA
SetFileAttributesA
SetFilePointer
Sleep
TerminateProcess
TerminateThread
WideCharToMultiByte
WriteFile
CreateMutexA
lstrcpyA
lstrcpynA
lstrlenA
CreatePipe
CreateProcessA
CreateThread

user32

GetWindowTextA
GetForegroundWindow
GetKeyState
GetAsyncKeyState
MapVirtualKeyA
ExitWindowsEx
wsprintfA
CharUpperBuffA
CharToOemA
keybd_event

advapi32

GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ws2_32

ntohs
WSACleanup
listen
ioctlsocket
inet_ntoa
inet_addr
htons
htonl
getsockname
socket
getpeername
gethostbyname
gethostbyaddr
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
send
select
WSAGetLastError
recv

crtdll

_iob
_itoa
__GetMainArgs
_stricmp
_strnicmp
toupper
atoi
exit
fclose
ferror
fgetc
fopen
fputc
fputs
fwrite
localeconv
malloc
mbstowcs
memcpy
memmove
memset
pow
raise
rand
signal
srand
strcat
strchr
strcmp
strncmp
strncpy
strrchr
strstr
strtok
strtol
strtoul
ungetc
wcslen
wctomb

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 109KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f03353d3de9c37da8f1c803c77ea65f6

Headers

File Characteristics

Imports

shell32

winmm

mpr

kernel32

user32

advapi32

ws2_32

crtdll

Sections

.text Size: 68KB - Virtual size: 68KB

.bss Size: - Virtual size: 109KB

.data Size: 177KB - Virtual size: 177KB

.idata Size: 3KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 68KB

.bss
Size: - Virtual size: 109KB

.data
Size: 177KB - Virtual size: 177KB

.idata
Size: 3KB - Virtual size: 3KB