754957225086803a21d8f37756817740_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

754957225086803a21d8f37756817740_JaffaCakes118
Size

58KB
MD5

754957225086803a21d8f37756817740
SHA1

ea07e9c6c75ebe73d163d989aa85e75869d552f1
SHA256

c2f662f91a12819bb46a7be1d126cd4b0375765353c2a08ca23de053521ab706
SHA512

40380cb7e2021c5750270c687ca6e1b86dc415725b4fbdaa36cd6c2498dbe81e5faa2af5abae9ada9798a9d106c669f268396f4814bd42a0c5584bd7ee7528be
SSDEEP

768:365bv+p6b8fMh1Lwf+bo7N2gc5bxx/k0GtNlEtbCtVDvcW4JerE:3ybv+cb81DU97/kPtktkDcWKME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
754957225086803a21d8f37756817740_JaffaCakes118

Files

754957225086803a21d8f37756817740_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cfe0c35b4e4ba58c6a45345475b1542

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
FlushFileBuffers
CreateEventW
GetTempFileNameA
GetVersion
LocalAlloc
LocalFree
DeviceIoControl
WaitForSingleObject
GetCurrentProcess
GetTempPathW
LoadLibraryW
RemoveDirectoryW
MoveFileW
FindNextFileW
FindFirstFileW
TlsGetValue
TlsAlloc
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
GetProfileStringW
FindResourceA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
FreeResource
GetDateFormatA
MoveFileExA
CreateFileW
GetLocalTime
GetSystemTime
QueryPerformanceCounter
GetVolumeInformationA
InitializeCriticalSection
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
SetUnhandledExceptionFilter
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
GetCurrentProcessId

user32

GetActiveWindow
CreateMenu
RegisterWindowMessageA
ExitWindowsEx
UnregisterHotKey
GetWindowThreadProcessId
DefWindowProcA
PostMessageW
SendMessageW
GetClientRect
GetForegroundWindow
TrackPopupMenu
GetCursorPos
RegisterClassExA
GetClassInfoExA
GetSysColorBrush
GetPropA
AppendMenuA
CallWindowProcA
GetWindowLongA
GetWindowRect
GetSystemMetrics

gdi32

TextOutA
Escape
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt
SelectObject
RectVisible

ws2_32

WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAAddressToStringA
socket
gethostbyaddr
connect
closesocket
accept
WSACleanup
WSAStartup
bind

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cfe0c35b4e4ba58c6a45345475b1542

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 13KB - Virtual size: 81KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 13KB - Virtual size: 81KB

.rsrc
Size: 1024B - Virtual size: 984B