8abd5302e1bd92aa5b0c710fb74f1d3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8abd5302e1bd92aa5b0c710fb74f1d3e_JaffaCakes118
Size

3.7MB
MD5

8abd5302e1bd92aa5b0c710fb74f1d3e
SHA1

71227bb9f5e56c11271b5153dde5e9351f96e039
SHA256

f9f1dec620ff045cdc163a7372bb6309f404856a2772bfa8b5124d44b223d89f
SHA512

582d2ab4ec3f864ce57dbf2fdf0352ae8d580768e41d4cd7cd4c9e6b6ba4f1c1e6e4d0acced943e856af1230ba6972007c94cd249d8d9d487eed6c9fba7701ab
SSDEEP

98304:9gJVUwHi0KbTX+mJ4L+a04OTcgr2d6jpc:9XwJKbS+ahOQgtpc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8abd5302e1bd92aa5b0c710fb74f1d3e_JaffaCakes118

Files

8abd5302e1bd92aa5b0c710fb74f1d3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e185316304ec7b5f29fa1526d619a0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetStartupInfoA
AllocConsole
LoadLibraryExA
RemoveDirectoryW
GetCommConfig
SetVolumeLabelA
GlobalFindAtomW
GetUserDefaultLCID
ReleaseMutex
PeekNamedPipe
GetModuleFileNameW
GetPrivateProfileSectionW
SetEnvironmentVariableW
GetFileAttributesA
VirtualQuery
DeleteFiber

version

VerFindFileA

comdlg32

ChooseColorW
PrintDlgA

shell32

SHGetSpecialFolderLocation
DragQueryPoint
DragFinish
SHGetSpecialFolderPathA

user32

CharLowerBuffW
CharUpperW
CharNextExA
GetMonitorInfoW
CreateWindowExA
SetProcessWindowStation
IsIconic
CountClipboardFormats
BroadcastSystemMessageW
DrawIcon
SetMenuItemInfoA
GetFocus
GetProcessDefaultLayout
GrayStringW
CallNextHookEx
MapWindowPoints
EnumDisplaySettingsW
SetWindowPlacement
EnumDesktopsA
GetDC
CreateIcon
GetMenuItemInfoA
GetScrollPos
GetAsyncKeyState
GetThreadDesktop
RegisterClassExW
GetClassInfoA
SetClassLongA

ws2_32

WSAGetServiceClassNameByClassIdW
WSASetServiceW
recv
WSAGetServiceClassInfoW
WSAAsyncGetServByPort
WSASendDisconnect
gethostbyaddr
sendto
WSAConnect

msvcrt

_wgetcwd
tolower
_mbsinc
_sopen
_mbsnextc
_mbscpy
fread
strpbrk
strtok
strcspn
qsort
sscanf
mbtowc
_spawnlp
_snwprintf
ftell
_dup2

Sections

.text
Size: 2KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e185316304ec7b5f29fa1526d619a0d

Headers

File Characteristics

Imports

kernel32

version

comdlg32

shell32

user32

ws2_32

msvcrt

Sections

.text Size: 2KB - Virtual size: 220KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 220KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 19KB - Virtual size: 18KB