5db7152fb067ca377eaa918fb4f74d4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5db7152fb067ca377eaa918fb4f74d4e_JaffaCakes118
Size

208KB
MD5

5db7152fb067ca377eaa918fb4f74d4e
SHA1

04d96ee4e8d81c2f7394e512b5ad800760a29160
SHA256

1e16b376fc3734227045d761bfda611befb6a1d42ebf0116c78bfed603d83f36
SHA512

d0b7e1f8482383cd0eaab003e5f46a5ff0e8b03027269b23e7ee7937bb1b1befd33d69a37cc0df68a7cab247a2abcac74c34a91a8bb3c66718d99bb5eaebd087
SSDEEP

1536:E03kYD/ZQ+QhvoCSlSXSr1R/vYje0RHk/jG:E03kgZQRhvo9sSr19f0tk/j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5db7152fb067ca377eaa918fb4f74d4e_JaffaCakes118

Files

5db7152fb067ca377eaa918fb4f74d4e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4fc71ccf5554434548166703f4e7e754

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetVersionExA
LocalAlloc
LocalFree
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WritePrivateProfileStringA

wsock32

WSAAsyncGetHostByName
WSAAsyncSelect
WSACancelAsyncRequest
WSACleanup
WSAStartup
closesocket
gethostbyname
gethostname
htonl
htons
inet_ntoa
recvfrom
sendto
setsockopt
socket
bind

gdi32

CreateSolidBrush
GetStockObject
SetBkColor
SetPixel
SetTextColor
TextOutA

user32

CreateWindowExA
DefWindowProcA
DialogBoxParamA
DispatchMessageA
EnableMenuItem
EnableWindow
EndDialog
GetDC
GetDlgCtrlID
GetDlgItem
GetDlgItemTextA
GetMenu
GetMenuStringA
GetMessageA
GetWindowRect
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
ModifyMenuA
MoveWindow
PostMessageA
PostQuitMessage
RegisterClassA
ReleaseDC
SendMessageA
SetCapture
SetDlgItemTextA
SetTimer
SetWindowPos
ShowWindow
TranslateMessage
UpdateWindow
wsprintfA

cw3230

@_CatchCleanup$qv
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__ExceptionHandler
___debuggerDisableTerminateCallback
__argc
__argv
__exitargv
__flushall
__lrand
__setargv
__startup
_abort
_free
_malloc
_memcpy
_srand
_strcat
_strcmp
_strcpy
_strlen
_time

Exports

Exports

__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4fc71ccf5554434548166703f4e7e754

Headers

File Characteristics

Imports

kernel32

wsock32

gdi32

user32

cw3230

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 8KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 181KB - Virtual size: 184KB

.reloc Size: 2KB - Virtual size: 8KB

.text
Size: 16KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 181KB - Virtual size: 184KB

.reloc
Size: 2KB - Virtual size: 8KB