93e586c3b82c87889108cc8e2bdf2c68_JaffaCakes118

General

Target

93e586c3b82c87889108cc8e2bdf2c68_JaffaCakes118
Size

3.7MB
MD5

93e586c3b82c87889108cc8e2bdf2c68
SHA1

5b59f3076c950a9d181e4bbd6fa80dde7919f691
SHA256

8bec610275246bc7fba368c0be217632c5af03309536b5edcc11b43bae901bae
SHA512

ee0f44aff6c65f9ac117f2571c8bcb7c9004aa36866db80325e1d71a6ad46661bc73cc16562212ea7c6c2d4cf2f113bdb1a4f6b1d2b4c8e28adfacf2a11d613a
SSDEEP

98304:B2o4yIOTYI8LmpNEHoYUK3W4nDNayxawtRmA:ZQOR86p+2wxnpayowtRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e586c3b82c87889108cc8e2bdf2c68_JaffaCakes118

Files

93e586c3b82c87889108cc8e2bdf2c68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAAsyncGetProtoByNumber
shutdown
WSAHtons
WSAEnumProtocolsW

shell32

DragQueryPoint
SHChangeNotify

ole32

CoSwitchCallContext
CoGetTreatAsClass

kernel32

GetTickCount
EnumDateFormatsW
SetConsoleOutputCP
lstrcmpA
OpenFile
ReleaseSemaphore
EnumTimeFormatsW
ExpandEnvironmentStringsW
CreatePipe
GetUserDefaultLangID
ExitProcess
TryEnterCriticalSection
GetTempFileNameA
LoadLibraryExW
OutputDebugStringA
GetCPInfo
IsBadReadPtr
GetSystemDefaultLangID
PeekConsoleInputW
VirtualAllocEx
AllocConsole

user32

ChildWindowFromPointEx
TabbedTextOutA
CreateCursor
MsgWaitForMultipleObjectsEx
wsprintfW
VkKeyScanW
GetPropA

version

VerFindFileA

oleaut32

LoadTypeLibEx
VariantChangeType
SysAllocStringLen
SafeArrayCreate
SetErrorInfo
LoadTypeLi

msvcrt

_ismbcspace
_eof
_ismbcdigit
_putws
bsearch
_cwait
fwprintf
_isctype
strtok
rename
_stricoll
fgetc
_wcsupr
getenv
_close
tolower
_wtoi
strspn
wcsftime
_chdrive
_mbsupr
_beginthreadex
_wgetenv

Sections

.text
Size: 2KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

Imports

ws2_32

shell32

ole32

kernel32

user32

version

oleaut32

msvcrt

Sections

.text Size: 2KB - Virtual size: 221KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 221KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB