48c5e1856f87b6974c9ab32467f29796_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48c5e1856f87b6974c9ab32467f29796_JaffaCakes118
Size

576KB
MD5

48c5e1856f87b6974c9ab32467f29796
SHA1

3fded57428c9b1d39be4d695e7059adbd4fc4451
SHA256

c11fa8dd6ec1b44dae0c676f9e4c8184770af28fdd270b9bd483fb9c20a0c261
SHA512

fbfd227e43c13d2a380317de9b9957d878f0fa855b3e7b8db1ab862c0f239cd36a7ba56ad4326ea00ee1da16576e65116f4b83096c5a1e6fadded5c477f4192d
SSDEEP

6144:OwjsbMVRa8zR0oC67dd9c6GRCZS1Ihp2clsihxtCgW4YZOL35L:OQBDd0O9AoTv7HwZOL3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48c5e1856f87b6974c9ab32467f29796_JaffaCakes118

Files

48c5e1856f87b6974c9ab32467f29796_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6eadbfe2fcedf56c9c87a71a93df7bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyaddr
send
ntohs
recv
WSAGetLastError
getservbyname
WSAAsyncSelect
shutdown
socket
connect
WSASetLastError
closesocket
gethostbyname
inet_ntoa
htons
htonl
WSAStartup
inet_addr
getservbyport

winmm

timeBeginPeriod
timeEndPeriod

comctl32

InitCommonControlsEx

shlwapi

PathRemoveFileSpecA

kernel32

GetACP
GetCPInfo
RaiseException
HeapSize
RtlUnwind
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
GetCurrentThreadId
SetLastError
GetOEMCP
IsValidCodePage
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcess
MulDiv
TerminateProcess
GetProcAddress
LoadLibraryA
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
CloseHandle
CreateMutexA
GetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetFileSize
GetSystemTimeAsFileTime
FindFirstFileA
FindNextFileA
FindClose
Sleep
ReadFile
DeleteCriticalSection
WriteFile
InitializeCriticalSection
LeaveCriticalSection
SetFilePointer
EnterCriticalSection
SetEndOfFile
GetTickCount
InterlockedExchangeAdd
InterlockedIncrement
InterlockedDecrement
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
GetSystemDirectoryA
WideCharToMultiByte
MultiByteToWideChar
CopyFileW
LCMapStringA
CopyFileA
GetCurrentDirectoryA
WritePrivateProfileStringA
MoveFileA
GetFileAttributesExA
GetFileAttributesExW
DeleteFileW
CreateDirectoryA
SetFileAttributesA
SetCurrentDirectoryA
CreateFileA
CreateDirectoryW
SetCurrentDirectoryW
GlobalAlloc
GlobalFree
GetCurrentDirectoryW
GlobalLock
CreateFileW
GetFileAttributesA
GetPrivateProfileStringW
GetPrivateProfileStringA
SetFileAttributesW
GetWindowsDirectoryA
GetVersionExA
DeleteFileA
WritePrivateProfileStringW
TerminateThread
GlobalUnlock
MoveFileW
GetCommandLineW
GetVersion
ExitProcess
GetCurrentProcessId
OpenProcess
LocalAlloc
GetTempPathA
GetShortPathNameA
CreateProcessA
LocalFree
WinExec
GetStartupInfoA
WaitForSingleObject
CreateThread
ResumeThread
ExitThread
HeapReAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
HeapFree
GetCommandLineA
GetProcessHeap
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
LCMapStringW
GetTimeZoneInformation
GetFullPathNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
VirtualAlloc
GetStdHandle
WriteConsoleW
FlushFileBuffers
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetFileAttributesW
SetEnvironmentVariableA
GetDriveTypeA

user32

ReleaseDC
GetSystemMenu
CreateWindowExW
FillRect
DrawTextA
SetWindowPos
GetDesktopWindow
BeginPaint
DrawTextW
GetMenuItemCount
SetCursor
RegisterClassA
SendMessageA
DrawMenuBar
InvalidateRect
GetDC
AdjustWindowRect
EnableWindow
UpdateWindow
EndPaint
GetWindowLongA
GetMessagePos
CreateWindowExA
SetWindowLongA
DestroyWindow
LoadCursorA
SetClassLongA
EnableMenuItem
GetClientRect
SetWindowTextW
ScreenToClient
RegisterClassExW
RegisterClassExA
GetWindowPlacement
MessageBoxW
LoadIconA
MessageBoxA
DefWindowProcW
DefWindowProcA
PostMessageA
PeekMessageA
GetKeyState
DispatchMessageA
GetQueueStatus
TranslateMessage
MsgWaitForMultipleObjects
SetForegroundWindow
IsWindow
ShowWindow
UnregisterClassA
AdjustWindowRectEx
SetWindowTextA

gdi32

SelectObject
CreateFontA
GetObjectA
GetTextExtentPoint32W
TextOutW
GetStockObject
SetBkMode
DeleteObject
SetTextColor

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
RegDeleteKeyA

ole32

CoCreateInstance
OleInitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6eadbfe2fcedf56c9c87a71a93df7bb

Headers

File Characteristics

Imports

ws2_32

winmm

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 228KB - Virtual size: 226KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 228KB - Virtual size: 226KB