702a6d3de8a76047c8080338c7644bc1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

702a6d3de8a76047c8080338c7644bc1_JaffaCakes118
Size

67KB
MD5

702a6d3de8a76047c8080338c7644bc1
SHA1

1045ac7af2cdfbea649166bb8c188c4eef2fc277
SHA256

5f4401c105cc2117c26bc999cebd07d63fc6f569803ec82fbc0c7ee432273253
SHA512

013cb28fe58b7cbbf2802612a7c1b728653e6ee8e39c5d224e32e622768713925658e315b271ccbee12b8bb6c830e2fd8c09304e2d09128be5d1e5ad3ec4d1b6
SSDEEP

1536:e4DV1yiI1++yBiWYv+oN/ugWOcqqAittod:rHI1++Fr/upLHAitto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
702a6d3de8a76047c8080338c7644bc1_JaffaCakes118

Files

702a6d3de8a76047c8080338c7644bc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c583fc2dfc2db8436bde0fec3e760a99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
PeekMessageA
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
DefWindowProcA
SetTimer
GetCursorPos
RegisterClassA
GetMessageA
DispatchMessageA
MessageBoxA
IsWindow
UpdateWindow
CreateWindowExA
ShowWindow
LoadCursorA

kernel32

GetSystemDirectoryA
SetEnvironmentVariableA
CompareStringW
FreeEnvironmentStringsA
CompareStringA
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
SystemTimeToFileTime
CopyFileA
GetWindowsDirectoryA
GetCurrentDirectoryA
CloseHandle
WriteFile
SetFilePointer
CreateFileA
ReadFile
ExpandEnvironmentStringsA
GetFileSize
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetFileAttributesA
GetTickCount
LocalFree
LocalAlloc
LocalSize
GetStartupInfoA
Sleep
SleepEx
ExitThread
FreeLibrary
CreateThread
GetProcAddress
LoadLibraryA
SetThreadPriority
GetCurrentThread
GetModuleFileNameA
ExitProcess
ReleaseMutex
GetLastError
HeapFree
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
HeapAlloc
GetFileType
GetCPInfo
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLocalTime
GetSystemTime
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
GetStringTypeW
FlushFileBuffers
GetTimeZoneInformation
HeapDestroy
HeapReAlloc
GetModuleHandleA
GetCommandLineA
GetVersion

wsock32

send
WSAStartup
WSACleanup
recv
ioctlsocket
htons
connect
closesocket
socket
gethostbyname

gdi32

GetStockObject

advapi32

RegCreateKeyExA
GetUserNameA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
RegCloseKey

Exports

Exports

_SetMouseHook@8

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c583fc2dfc2db8436bde0fec3e760a99

Headers

File Characteristics

Imports

user32

kernel32

wsock32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 19KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 19KB