4a88fe32083b3ed165760826cb6226d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a88fe32083b3ed165760826cb6226d5_JaffaCakes118
Size

2.1MB
MD5

4a88fe32083b3ed165760826cb6226d5
SHA1

1327b89d1dc8776ea1e652bcd378474a4edcee58
SHA256

95fde0edef52494161f05b4dfea47e50ee991238d2a098abf196c65c4c462f42
SHA512

e45588f49598b3e7a8f28b37496bd4407b55ad69bddbfb3544fcb2fec6943640c41096cb27863e8f1597e5f0bd8ec11daf4386ee6c707006deae94929a5e4f35
SSDEEP

49152:XczDbJZr/zZZvXyXn4RtGBLeWdoxEFmayuigX:YLtNXutB9JigX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a88fe32083b3ed165760826cb6226d5_JaffaCakes118

Files

4a88fe32083b3ed165760826cb6226d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

354e772c40e492fa532536dc275e1173

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
DragFinish

ws2_32

sendto
WSAConnect
WSACleanup
WSASetServiceW
recv
gethostname
WSAGetQOSByName
WSAAsyncGetHostByName
WSAIsBlocking

kernel32

GetHandleInformation
GetACP
CreateEventA
ExitProcess
FlushFileBuffers
lstrcpyA
GlobalFindAtomW
LocalFileTimeToFileTime
WritePrivateProfileStructA
ReadConsoleInputW
OutputDebugStringW
DebugBreak
PurgeComm
UnhandledExceptionFilter
GenerateConsoleCtrlEvent
WriteFile
IsBadStringPtrA
GetCompressedFileSizeW
GetConsoleCursorInfo
SetFileTime
EnumResourceNamesW
GetVersion
CloseHandle
GetShortPathNameA
ClearCommBreak
AreFileApisANSI
GetDriveTypeW
FreeLibrary
GetTapeStatus
SizeofResource
GetTickCount
CreateMutexW
GlobalDeleteAtom
GetEnvironmentVariableW
SetMailslotInfo
SuspendThread
lstrcmpA
TryEnterCriticalSection
SetEnvironmentVariableA
CreateDirectoryExA
CreateWaitableTimerA
GetFullPathNameA
GetShortPathNameW
SetEvent
FreeResource

gdi32

DeleteObject
EnumFontFamiliesExW
StretchBlt
PlayMetaFileRecord
SetColorAdjustment
CreateFontIndirectW
GetTextMetricsA
GetTextExtentPointA

user32

GetWindowDC
GetMessagePos
mouse_event
ReplyMessage
CreateWindowExA
DrawEdge
CharLowerBuffA
EnumDisplaySettingsW
VkKeyScanA
DrawAnimatedRects
GetKeyNameTextA
DeleteMenu
CharLowerA
GetClassNameA
SendMessageA
EndPaint
DefWindowProcA
ValidateRect
DestroyWindow
CallNextHookEx
OpenWindowStationA
SubtractRect
DialogBoxIndirectParamA
GetClipCursor
GetSystemMetrics
TrackPopupMenu

Sections

.text
Size: 18KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

354e772c40e492fa532536dc275e1173

Headers

File Characteristics

Imports

shell32

ws2_32

kernel32

gdi32

user32

Sections

.text Size: 18KB - Virtual size: 235KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 18KB - Virtual size: 235KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB