888ff0bbc89f63d74ca199348d916265_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

888ff0bbc89f63d74ca199348d916265_JaffaCakes118
Size

264KB
MD5

888ff0bbc89f63d74ca199348d916265
SHA1

38ed3fd24056dcdc6d89112216dce297cdc342e6
SHA256

f3aa80330f027924e5995f364dc23606eea8a84c76989a09e3e4a3f53b608d2b
SHA512

a0c36141ce27c037cc36a902efae8cd8a72861e2ae97c99d415b6aa11bfe5011db9d3d42bed2161f34c620b2969c28b5a92a06550234d74422beb24246d99e04
SSDEEP

3072:hL5rMQ1exR2fQnZiODN3vEh5i+Nq6tCYP9o5UptDLoXH:hRtYJnZi6sh5i+NqCCYP9+4tD+H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
888ff0bbc89f63d74ca199348d916265_JaffaCakes118

Files

888ff0bbc89f63d74ca199348d916265_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57e45aae62037a7e0b3df3cc4057a560

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
VariantChangeType
SetErrorInfo
GetErrorInfo
VariantClear
SysAllocString
VariantInit
CreateErrorInfo

ws2_32

send
shutdown
closesocket
WSACleanup
WSAStartup
socket
gethostbyname
htons
connect
recv

kernel32

LocalFree
lstrlenW
SetStdHandle
GetOEMCP
GetModuleHandleA
VirtualAlloc
VirtualFree
HeapFree
GetACP
GetCPInfo
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
GetSystemDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
ExitProcess
GetLastError
CreateMutexA
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
ReadFile
SetFilePointer
WriteFile
lstrlenA
GetFileSize
CloseHandle
CreateFileA
GetSystemTime
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapCreate
HeapDestroy
GetVersionExA
HeapReAlloc
HeapAlloc
InterlockedIncrement
LoadLibraryA
GetProcAddress
MultiByteToWideChar
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
GetCommandLineA
GetVersion
RaiseException
TerminateProcess
GetCurrentProcess
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetEnvironmentVariableA

user32

BlockInput
SetForegroundWindow
SetFocus
ShowWindow
keybd_event
VkKeyScanA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e45aae62037a7e0b3df3cc4057a560

Headers

File Characteristics

Imports

ole32

oleaut32

ws2_32

kernel32

user32

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 20KB - Virtual size: 26KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 20KB - Virtual size: 26KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 6KB