60c5cd65969c8fe71092bb3fd6b47941_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60c5cd65969c8fe71092bb3fd6b47941_JaffaCakes118
Size

200KB
MD5

60c5cd65969c8fe71092bb3fd6b47941
SHA1

6078b37cb60988eaf2fcf2b8352b7c3fcff3859d
SHA256

4453f89150345316000e7ec7ca45fcfeab6dec30d68b8dce3ec18d001660ba80
SHA512

79e89c5fb1a9d3dc02649c95f729ccbb9db8dacc1bce3f2b28851ceef4845003d07dc8dd3c19c7f1d384b8051cebbc2bec4c82c410fd287877373e30cfd1c2e1
SSDEEP

3072:hHH/El8aVZw3xiBvybyKL28+A6Jfl88pI8VDI+FvKMbMo1VumpB:JEl8eZwaq+KyBJdLp1r4o1VumL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60c5cd65969c8fe71092bb3fd6b47941_JaffaCakes118

Files

60c5cd65969c8fe71092bb3fd6b47941_JaffaCakes118
.exe windows:1 windows x86 arch:x86

9f1d5927da61ecbbc78b40e49e20868a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

cw3220

_memset
_malloc
_strcat
__ExceptionHandler
_abort
_strstr
_strlen
_strncpy
@_CatchCleanup$qv
_memcpy
__startup
_strncmp
_atol
@__unlockDebuggerData$qv
_strcmp
_flushall
_memcmp
@__lockDebuggerData$qv
___debuggerDisableTerminateCallback
_strcpy
__ftol
_free

kernel32

GetSystemDirectoryA
CompareFileTime
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetSystemDefaultLangID
CopyFileA
GetVersionExA
GetModuleFileNameA
GetLocalTime
GetFileTime
GetFileAttributesA
FreeLibrary
GetCurrentProcess
DeleteFileA
CreateProcessA
WriteFile
UnmapViewOfFile
CreateFileMappingA
ReadFile
MapViewOfFile
CreateFileA
LoadLibraryA
CloseHandle

advapi32

RegDeleteValueA
OpenProcessToken
RegSetValueExA
RegDeleteKeyA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
RegEnumKeyA

gdi32

SelectObject
GetTextExtentPointA
GetStockObject
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleDC
BitBlt

user32

BeginPaint
AppendMenuA
wsprintfA
UpdateWindow
ShowWindow
SetTimer
SetDlgItemTextA
SendDlgItemMessageA
ReleaseDC
RegisterClassA
ModifyMenuA
MessageBoxA
MessageBeep
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
GetMessageA
GetMenu
PostQuitMessage
GetDlgItemTextA
GetDC
GetClientRect
SendMessageA
FindWindowA
ExitWindowsEx
EndPaint
TranslateMessage
EndDialog
EnableMenuItem
DispatchMessageA
DialogBoxParamA
DeleteMenu
DefWindowProcA
CreateWindowExA
CheckMenuItem

netapi32

Netbios

shell32

Shell_NotifyIconA

wsock32

socket
sendto
recvfrom
inet_ntoa
inet_addr
htons
gethostname
gethostbyname
closesocket
bind
WSAStartup
WSACleanup
WSAAsyncSelect

comctl32

InitCommonControls
CreateStatusWindowA

Exports

Exports

__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f1d5927da61ecbbc78b40e49e20868a

Headers

File Characteristics

Imports

cw3220

kernel32

advapi32

gdi32

user32

netapi32

shell32

wsock32

comctl32

Exports

Exports

Sections

CODE Size: 32KB - Virtual size: 32KB

DATA Size: 10KB - Virtual size: 32KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.rsrc Size: 29KB - Virtual size: 32KB

.debug Size: 119KB - Virtual size: 120KB

CODE
Size: 32KB - Virtual size: 32KB

DATA
Size: 10KB - Virtual size: 32KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 29KB - Virtual size: 32KB

.debug
Size: 119KB - Virtual size: 120KB