45e6c11c0e0b6e4624f3980d27a3f21c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

45e6c11c0e0b6e4624f3980d27a3f21c_JaffaCakes118
Size

335KB
MD5

45e6c11c0e0b6e4624f3980d27a3f21c
SHA1

faf4e8c345297844e01b395d80a52e4c08fa18ec
SHA256

46e7f1a40bba9b1090fdde9e8327ba68a4ebb77c3fa2879a50075696887bd06d
SHA512

76016177f220961d727fa9e63b4e71bbe2f488f89c46d3cc202d7a93b7e16e641cc26ec1f6199fe8d117f72bc9f0ce7765bb4086a921551130a30025cb638364
SSDEEP

6144:APNs9fn22fkwc7TbaxLAlJpNUOJNyPglsa8Q7+Y4ftsse:oy22fkw9xqJUeNO6saZ4ft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45e6c11c0e0b6e4624f3980d27a3f21c_JaffaCakes118

Files

45e6c11c0e0b6e4624f3980d27a3f21c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0873126f57ccb2dafaf92200645ba0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
ExitThread
lstrlenA
CreateEventA
TerminateThread
SetEnvironmentVariableA
CompareStringA
FlushFileBuffers
CreateThread
IsBadReadPtr
LCMapStringW
WriteFile
GetFileType
SetUnhandledExceptionFilter
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
UnhandledExceptionFilter
WideCharToMultiByte
GetModuleFileNameA
VirtualAlloc
VirtualFree
IsBadWritePtr
HeapDestroy
HeapSize
HeapCreate
GetVersion
GetCommandLineA
GetProcAddress
GetLocalTime
GetSystemTime
GetStartupInfoA
HeapReAlloc
HeapAlloc
Sleep
WinExec
FindResourceA
SetEndOfFile
GetFileAttributesA
ReadFile
CreateFileA
LoadResource
LockResource
SizeofResource
GetModuleHandleA
GetTickCount
LoadLibraryA
CloseHandle
GetCPInfo
FreeLibrary
SetStdHandle
CompareStringW
GetStringTypeA
GetTimeZoneInformation
LCMapStringA
GetOEMCP
GetACP
GetLastError
SetFilePointer
HeapFree
GetStringTypeW
MultiByteToWideChar
GetCurrentProcess
ExitProcess
IsBadCodePtr
RtlUnwind
TerminateProcess

user32

PtInRect
MessageBoxA
CreateWindowExA
SetWindowLongA
LoadImageA
GetCursorPos
MessageBeep
GetWindowLongA
DefWindowProcA
SetTimer
ClipCursor
RegisterClassExA
SetWindowPos
PostMessageA
GetSystemMetrics
PeekMessageA
GetDesktopWindow
GetWindowRect
LoadCursorA
DispatchMessageA
TranslateMessage
SetMenu
LoadIconA
LoadMenuA
ClientToScreen
ShowWindow
GetClientRect
DestroyWindow
SetCursor
KillTimer
wsprintfA

gdi32

DeleteObject
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
CreateBrushIndirect
GetObjectA

advapi32

RegOpenKeyA
RegQueryValueExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

ddraw

DirectDrawCreate

dinput

DirectInputCreateA

dplayx

ord4

dsound

ord1

wsock32

WSACancelAsyncRequest
closesocket
WSAAsyncGetHostByName
inet_addr
ioctlsocket
htons
socket
connect
recv
WSAStartup
WSACleanup
send
inet_ntoa
WSAGetLastError

winmm

joyGetPos
joyGetDevCapsA

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0873126f57ccb2dafaf92200645ba0d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ddraw

dinput

dplayx

dsound

wsock32

winmm

Sections

.text Size: 260KB - Virtual size: 260KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 37KB

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 260KB - Virtual size: 260KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 37KB

.rsrc
Size: 39KB - Virtual size: 39KB