a2648ba1082c04ea0a5a5ff13b30dd87_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2648ba1082c04ea0a5a5ff13b30dd87_JaffaCakes118
Size

92KB
MD5

a2648ba1082c04ea0a5a5ff13b30dd87
SHA1

3d3a027a3e664393e0dcb7de231ab6a35be12867
SHA256

a143f21613c9696dd1e62b8995ef47e6bb2fe564b121ed2ae33936349e56c29e
SHA512

247985250417082655b96ec31087b23e02f4f8e33fe9b999526fcbe54ec656d38266886080df428f4950d581d5166ff8c5ac9dd5fa4d8acde9f8ddb4c1d1c7da
SSDEEP

1536:IsIwGIafit7h1zt5pHuJasfFmw7xgqdzuf9aHRtBeWVlMcJyKJI52Njd/pN:DztzHuUsf8w7xgkzuFaHRtBeWntJLIsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2648ba1082c04ea0a5a5ff13b30dd87_JaffaCakes118

Files

a2648ba1082c04ea0a5a5ff13b30dd87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb2f2d5c5f51fc3119093d44393f69a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
bind
listen
WSAAsyncSelect
closesocket
accept
WSAStartup
WSACleanup
gethostbyname
htons
connect
recv
WSASocketA
gethostname
send
socket

mfc42

ord665
ord2414
ord640
ord816
ord535
ord3663
ord3626
ord3571
ord3692
ord1200
ord926
ord858
ord823
ord825
ord540
ord860
ord800
ord1641
ord1640
ord323
ord562
ord2864
ord537
ord6385
ord5186
ord354
ord939
ord2818
ord2915
ord924
ord4202
ord4129
ord2764
ord5710
ord2820
ord6877
ord356
ord2770
ord2781
ord4058
ord3178
ord1980
ord668
ord3811
ord5785

msvcrt

fclose
fread
fopen
fwrite
sprintf
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_setjmp3
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
free
malloc
getenv
sscanf
fflush
rename
strchr
fseek
ftell
rewind
strrchr
_mbscmp
_ftol
longjmp
__CxxLongjmpUnwind
__CxxFrameHandler

kernel32

GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
GetFileAttributesA
OpenProcess
TerminateProcess
GlobalMemoryStatus
RemoveDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetLogicalDrives
GetDriveTypeA
CreateToolhelp32Snapshot
Process32First
Module32First
Process32Next
CloseHandle
GetWindowsDirectoryA
Sleep
GetVersionExA
CreateDirectoryA
LoadLibraryA
GetProcAddress
GetTempPathA
SetFileAttributesA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
FindFirstFileA
CopyFileA
FindClose
WinExec
CreateEventA
GetLastError
GlobalSize
GlobalAlloc
GlobalReAlloc
GlobalFree

user32

SendMessageA
DestroyWindow
DialogBoxParamA
DefWindowProcA
SetWindowTextA
SetTimer
PostQuitMessage
KillTimer
EndPaint
BeginPaint
EndDialog
GetParent
GetDlgItemTextA
GetSystemMetrics
GetActiveWindow
MessageBoxA
IsWindow
GetCursorPos
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
GetDesktopWindow
GetWindowRect
ExitWindowsEx
mouse_event
SetCursorPos

gdi32

CreateDCA
SelectObject
DeleteDC
CreateBitmapIndirect
SetDIBits
GetStockObject
GetObjectA
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette

advapi32

RegEnumKeyA
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegCreateKeyA
RegSetValueExA

shell32

ShellExecuteA
SHGetFileInfoA

avicap32

capCreateCaptureWindowA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb2f2d5c5f51fc3119093d44393f69a8

Headers

File Characteristics

Imports

ws2_32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

avicap32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB