833d97ef63f56ebfb52d649bc6498355_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

833d97ef63f56ebfb52d649bc6498355_JaffaCakes118
Size

153KB
MD5

833d97ef63f56ebfb52d649bc6498355
SHA1

7c345828b543b376341073d9a620943467368ca3
SHA256

1e81216404fe9dcb017a698ac809fbcac92ab0f00106d525a14c050bff00b474
SHA512

de003eb538fb80f4df4ad914eb269412048c5fb13574a76f095fb8079730e1dd5e9feee6d095c3ed87486f29ca99bbcc24f1a154d6dcb265354f2eb9dadf5152
SSDEEP

1536:lpE1qEoHfevutPYF0lJ956aYaAOhYCXLUTYRiHRAD9:lKqE6rxYF0lP7Ys2eD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
833d97ef63f56ebfb52d649bc6498355_JaffaCakes118

Files

833d97ef63f56ebfb52d649bc6498355_JaffaCakes118
.exe windows:4 windows x86 arch:x86

355720a81e7e9083db3b8307f03bb3a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FreeResource
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetSystemDirectoryA
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
ExitProcess
GetLastError
CreateSemaphoreA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
CreateThread
VirtualProtect
GetLocaleInfoA
GetVersionExA
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetSystemInfo
Sleep
GetStringTypeW
WritePrivateProfileStringA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

GetActiveWindow
wsprintfA
GetWindowTextA
GetClassNameA
DestroyWindow
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
DefWindowProcA
DialogBoxParamA
BeginPaint
EndPaint
PostQuitMessage
EndDialog
CreateWindowExA
ShowWindow
UpdateWindow
SetWindowsHookExA
FindWindowA
CallNextHookEx

advapi32

RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA

iphlpapi

GetTcpTable

ws2_32

htonl
inet_ntoa

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

355720a81e7e9083db3b8307f03bb3a2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

iphlpapi

ws2_32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 116KB - Virtual size: 116KB