678e6e2718f64a115cbeb752e639a475_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

678e6e2718f64a115cbeb752e639a475_JaffaCakes118
Size

5.7MB
MD5

678e6e2718f64a115cbeb752e639a475
SHA1

6e75fe7a21a142f7b093edf448dc3fb90a519460
SHA256

b7ad9bf5eb3ed2c65781c1533688f8c6e84c8f893ccf2d5459b70fb52653733b
SHA512

7c3c922e3365890b29c5623aa951805d8dc2cec1ff720f93208706a662e39e7496adaa773acbc386c61cc8087e150bac3aff2e66257fb6954f2a368d103371b4
SSDEEP

98304:MwrfUZSKkfGStZaBP5wG3UFodlz4Cn8gECtDhiHnN5wPypddZHeD:N3/GS8P6GkycC8gdtDhiHNWPOdd9eD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
678e6e2718f64a115cbeb752e639a475_JaffaCakes118

Files

678e6e2718f64a115cbeb752e639a475_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12e355e044e255000f62669046b96dfe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAAsyncGetHostByName
WSAUnhookBlockingHook
WSAIsBlocking
inet_addr
WSASetBlockingHook
getservbyname
recv
WSARecv
WSAGetServiceClassNameByClassIdW
WSAGetLastError

comctl32

ImageList_DragLeave
ImageList_Create
ImageList_SetImageCount

gdi32

Polyline
CreateRoundRectRgn
BeginPath
CopyEnhMetaFileW
CreateDCW
ExcludeClipRect
OffsetViewportOrgEx
CreateHatchBrush
CombineRgn
GetMapMode

version

GetFileVersionInfoA
VerFindFileA
VerInstallFileA

kernel32

ConnectNamedPipe
CancelIo
FileTimeToLocalFileTime
CreateMutexW
SetHandleCount
SearchPathW
SetNamedPipeHandleState
CreateNamedPipeW
TlsGetValue
SetSystemTime
GetPrivateProfileSectionW
GetEnvironmentVariableW
OutputDebugStringA
GetCompressedFileSizeW
ExitProcess
SetThreadPriorityBoost
lstrcpynA
FindResourceExW
IsDBCSLeadByteEx
QueryDosDeviceW
GetTempPathW
MoveFileW
WritePrivateProfileStringW
CreateIoCompletionPort
EnumResourceNamesA
LocalFileTimeToFileTime
VirtualFree
VirtualProtect
VirtualUnlock

user32

ShowScrollBar
CreateMDIWindowW
ShowCursor
GetMessageExtraInfo
IsCharAlphaNumericA

ole32

StringFromGUID2
OleSetMenuDescriptor

comdlg32

GetSaveFileNameW
PageSetupDlgA

Sections

.text
Size: 2KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12e355e044e255000f62669046b96dfe

Headers

File Characteristics

Imports

ws2_32

comctl32

gdi32

version

kernel32

user32

ole32

comdlg32

Sections

.text Size: 2KB - Virtual size: 222KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5.5MB - Virtual size: 5.5MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 222KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5.5MB - Virtual size: 5.5MB

.rsrc
Size: 17KB - Virtual size: 16KB