5ca3874ccc36103ecbbaa426dc55f7ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ca3874ccc36103ecbbaa426dc55f7ce_JaffaCakes118
Size

412KB
MD5

5ca3874ccc36103ecbbaa426dc55f7ce
SHA1

e5c3a2db5cdce59229c3ba14b2a8f1e26ad5c68d
SHA256

6e7dcca7731e09fd84d87f2042e992ea9e1b92d0519ba70a4a67ddd360632dfe
SHA512

c25da393d3210aae9df9c5d3e8a03c9f76ddd72ec79363c0a1e73ab7559e6d85eca1b666526533070d7078b795e301c893e066d3a2fafadf4a6d79726ed0acf2
SSDEEP

3072:f9tLgfuVXw15u9LWNPRaYpX2liyln01HTfZoKf7EdmEjpsfyW:fsuVUsANZ+ljn09doKDsmEjEyW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ca3874ccc36103ecbbaa426dc55f7ce_JaffaCakes118

Files

5ca3874ccc36103ecbbaa426dc55f7ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90bf89c37e38b1695d96f779a0c52e6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError
WSACleanup
WSAStartup
gethostbyname
inet_addr
getservbyname
htons
gethostbyaddr
ntohs
WSASetLastError
htonl
inet_ntoa
getservbyport

psapi

GetModuleFileNameExA

shlwapi

PathRemoveFileSpecA

iphlpapi

GetAdaptersInfo

mfc42

ord665
ord1979
ord5442
ord823
ord3318
ord5186
ord354
ord6877
ord537
ord4278
ord4129
ord1105
ord3337
ord3811
ord6283
ord6282
ord858
ord2818
ord922
ord924
ord535
ord6385
ord5710
ord6883
ord6663
ord541
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5714
ord4622
ord3738
ord561
ord815
ord3663
ord4220
ord2584
ord3654
ord6143
ord2438
ord2414
ord2621
ord1134
ord2725
ord5289
ord1146
ord1168
ord3996
ord2379
ord755
ord470
ord6215
ord2642
ord3092
ord692
ord2582
ord4402
ord3640
ord693
ord4243
ord6907
ord3998
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord6453
ord1644
ord6270
ord2863
ord2763
ord6929
ord6927
ord4277
ord3571
ord1641
ord640
ord5785
ord1640
ord323
ord1949
ord3619
ord818
ord2152
ord1576
ord2243
ord6197
ord4299
ord4275
ord2380
ord5875
ord5789
ord6172
ord1929
ord3721
ord795
ord3797
ord2860
ord2135
ord540
ord860
ord941
ord800
ord6669
ord4853
ord4234
ord2302
ord6515
ord825
ord324
ord567
ord641
ord6743
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord3402
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3597
ord4425
ord5280
ord1775
ord6052
ord2514
ord4710
ord4998
ord4376
ord5265
ord3626
ord1233

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
malloc
_mbsicmp
_setmbcp
_CxxThrowException
__CxxFrameHandler
sprintf
atof
atoi
strtok
free
strncpy
calloc
strtoul
strchr
fclose
fgets
fopen
_mbscmp

kernel32

CreateEventA
OpenEventA
CloseHandle
CreateMutexA
GetLastError
ReleaseMutex
GetTempPathA
GetTempFileNameA
DeleteFileA
MoveFileA
InterlockedDecrement
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetCurrentProcessId
Sleep
GetSystemDirectoryA
GetTickCount
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcatA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
CreateFileA
DeviceIoControl
GetModuleHandleA
GetStartupInfoA
InitializeCriticalSection
ResetEvent
SetEvent
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
OpenProcess
WaitForSingleObject
SizeofResource
VirtualFreeEx
MultiByteToWideChar
LocalFree
FindResourceA
LoadResource

user32

GetSubMenu
SetMenuDefaultItem
GetCursorPos
ClientToScreen
LoadMenuA
ReleaseDC
GetClientRect
DrawIcon
SendMessageA
SetCursor
SystemParametersInfoA
KillTimer
IsIconic
LoadBitmapA
SetWindowRgn
CopyRect
RedrawWindow
LoadCursorA
EnableWindow
PostMessageA
LoadIconA
GetSysColorBrush
DrawTextA
SetTimer
GetWindowDC
SetRect
GetSystemMetrics

gdi32

BitBlt
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
StretchBlt

advapi32

RegFlushKey
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
ControlService
StartServiceA
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
RegSetValueExA

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

_TrackMouseEvent

ole32

OleRun
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantClear

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90bf89c37e38b1695d96f779a0c52e6e

Headers

File Characteristics

Imports

ws2_32

psapi

shlwapi

iphlpapi

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

oleaut32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 134KB

.rsrc Size: 340KB - Virtual size: 339KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 134KB

.rsrc
Size: 340KB - Virtual size: 339KB