858aa38acdd02d25395c5b51439a544e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

858aa38acdd02d25395c5b51439a544e_JaffaCakes118
Size

416KB
MD5

858aa38acdd02d25395c5b51439a544e
SHA1

37f09adff5cd3020501fd64043af6cae5cad8095
SHA256

d7be18a77aebbc84b4cd8b0a8f53dd135c7b39dc7592e1082cad3ea8255b950e
SHA512

144f46c6d2714684ab1d6c3aed15da677a4968273882ca33e877513fbdc5292f52f319cf1b3d578b0bcf615f148472ddc9d7c32259a5b1adbcb2fc5d6c3cc136
SSDEEP

6144:4OGW2KCGbEY5BwnK9msAy95Gkd58W4kbbbiccchgmgmgmlvvvvQQndddZ0007UU6:4OGWMGbrwnKH78Wb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
858aa38acdd02d25395c5b51439a544e_JaffaCakes118

Files

858aa38acdd02d25395c5b51439a544e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f289c346eead720c7b4c5b736eb27e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
FileTimeToLocalFileTime
FileTimeToSystemTime
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetTimeZoneInformation
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
CompareStringA
CompareStringW
MulDiv
GetTickCount
WriteProcessMemory
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
OpenProcess
GetModuleHandleA
ReadProcessMemory
GetLastError
WriteFile
CloseHandle
GetOEMCP
CreateFileA
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetEnvironmentVariableA
SetHandleCount
GetProcAddress
ReadFile
SetFilePointer
HeapFree
HeapSize
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapReAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA

user32

LoadBitmapA
RegisterClassExA
LoadCursorA
LoadIconA
DefWindowProcA
SendMessageA
EndPaint
BeginPaint
PostQuitMessage
MessageBoxA
DestroyWindow
GetWindowTextA
GetWindowTextLengthA
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
SetWindowPos
MsgWaitForMultipleObjects
UpdateWindow
ShowWindow
SetWindowTextA
FindWindowA
GetWindowThreadProcessId
UnregisterClassA
GetDC
ReleaseDC
CreateWindowExA

gdi32

GetDeviceCaps
CreateFontA
MoveToEx
LineTo
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
DeleteDC
DeleteObject
SetTextAlign
TextOutA
SetBkColor
SetTextColor
SetBkMode
GetStockObject
CreatePen

comdlg32

GetSaveFileNameA

ws2_32

WSAGetLastError
WSAStartup
closesocket
inet_ntoa
connect
htons
WSAAsyncSelect
socket
bind
htonl
shutdown
gethostbyname
listen
accept
send
recv
inet_addr

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f289c346eead720c7b4c5b736eb27e3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ws2_32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 456KB - Virtual size: 452KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 456KB - Virtual size: 452KB