83f3425e5895fa4c53c7beb18c3fb64b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83f3425e5895fa4c53c7beb18c3fb64b_JaffaCakes118
Size

93KB
MD5

83f3425e5895fa4c53c7beb18c3fb64b
SHA1

1816af1f310282f1fc24625f98a21ffd2b1cd0df
SHA256

7d4712d4201296872addcf0ba3eb01406e2dda59f5794be60ff2ea69a5ec281b
SHA512

aa769459fb28dfa921cd203bda5622219cb79d3f3f8f4017040c3dd1d576fc147c8cf29567934e27de97d344f31373326f61e5654bb081f726c41f3b1102936b
SSDEEP

1536:O509QdxbQeNMOrvqAnj40vFwqY325A5xkE5W5qXX5AHhoNbZgufo:dQdlrryA03rxVW5qnuHWjXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83f3425e5895fa4c53c7beb18c3fb64b_JaffaCakes118

Files

83f3425e5895fa4c53c7beb18c3fb64b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

845dc596242380d9e3cb73e5f9c286cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2help

WahReferenceContextByHandle
WahCloseThread
WahDisableNonIFSHandleSupport
WahEnumerateHandleContexts
WahRemoveHandleContext
WahWaitForNotification
WahOpenHandleHelper
WahQueueUserApc
WahOpenNotificationHandleHelper
WahCreateHandleContextTable
WahInsertHandleContext
WahCloseApcHelper

kernel32

SetConsoleCursorPosition
ClearCommError
GetVersion
GetGeoInfoA
VirtualAlloc
GetTickCount
OpenJobObjectW
GetBinaryTypeW
GetSystemDefaultUILanguage
FindFirstVolumeA
HeapQueryInformation
RequestWakeupLatency
BaseUpdateAppcompatCache
SetConsoleCtrlHandler
ReadConsoleW
SetFileShortNameW
SetFileTime
WaitCommEvent
CreateNamedPipeA
PulseEvent
GetDefaultCommConfigA
CreateSemaphoreA
WriteProfileStringW
UnregisterWaitEx
RtlFillMemory
IsValidLocale
SwitchToFiber
GetMailslotInfo
WriteProfileSectionW
LocalAlloc
LoadLibraryA
VerSetConditionMask
DeactivateActCtx

uniplat

UnimodemWaitCommEventEx
UnimodemWriteFileEx
UnimodemDeviceIoControlEx
UmPlatformDeinitialize
UnimodemNotifyTSP
StopMonitorThread
StartMonitorThread
UnimodemReadFileEx
SyncDeviceIoControl
FreeOverStruct
CancelUnimodemTimer
CallBeginning
StopMonitoringHandle
MonitorHandle
CreateOverStructPool
SetUnimodemTimer
CallEnding

user32

IsDlgButtonChecked
CreateMDIWindowA
GetCursorFrameInfo
WINNLSEnableIME
DeleteMenu
AttachThreadInput
CascadeWindows
EnumDesktopsA
LoadKeyboardLayoutEx
DrawCaption
GetTopWindow
DdePostAdvise
DrawTextA
GetKeyboardType
SetCursor
DdeQueryStringW

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

845dc596242380d9e3cb73e5f9c286cc

Headers

DLL Characteristics

File Characteristics

Imports

ws2help

kernel32

uniplat

user32

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 26KB - Virtual size: 31KB

.rsrc Size: 25KB - Virtual size: 25KB

.reloc Size: 512B - Virtual size: 296B

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 26KB - Virtual size: 31KB

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 512B - Virtual size: 296B