a56c101d8b4bbbc20d47ff286ed1d6d9_JaffaCakes118

General

Target

a56c101d8b4bbbc20d47ff286ed1d6d9_JaffaCakes118
Size

3.7MB
MD5

a56c101d8b4bbbc20d47ff286ed1d6d9
SHA1

4f1b175ee0917294e27426965fb65adab2f0fd2c
SHA256

d796d1b7351a6a9eb99410c3bf602acbab87b3709658682e5af2da3a80e7c2ae
SHA512

067e551090656c13ede85cab3fc38ab4a3b871c7d2437fa640cb7a2fb9d37d5249f31d51b05700670581c8afacd5a33036ed5beb46a6298e0ea4a121de03357f
SSDEEP

98304:w5r1CPoVk9FOnGz5uHXp7SBfTXnAZdDFQSPl4Ja0jNQ5CyOn6LR:w5r1Jk9YngeXFCfTXnyqJvjNQ5CyOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a56c101d8b4bbbc20d47ff286ed1d6d9_JaffaCakes118

Files

a56c101d8b4bbbc20d47ff286ed1d6d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4a55314ff9e816ac028a744ef960b2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSADuplicateSocketW
WSAResetEvent
WSAAddressToStringW
WSASetEvent
recvfrom
WSASendDisconnect

user32

GetKeyNameTextW
ChangeClipboardChain
SetPropW
GrayStringW
ClipCursor
HideCaret
ClientToScreen
ChangeDisplaySettingsW
LoadCursorA
DispatchMessageA
IntersectRect
InvalidateRgn
InsertMenuItemW
RemoveMenu
DrawMenuBar
SetCaretPos
InflateRect
GetShellWindow
GetWindowWord
SetMenu
TrackPopupMenu
SetFocus
GetKeyboardLayout
UnhookWindowsHook
PtInRect
SetMenuDefaultItem
CheckMenuRadioItem
DrawTextA
TranslateAcceleratorA
CreateDesktopW
SubtractRect

comdlg32

GetOpenFileNameA
ChooseFontW

kernel32

EnumResourceNamesA
ReadConsoleInputW
IsValidLocale
GetPrivateProfileStringA
GetTempPathW
GetLocaleInfoW
SetConsoleOutputCP
WritePrivateProfileSectionW
GetDriveTypeW
ExitProcess
GetPrivateProfileStringW
IsBadStringPtrA

oleaut32

VariantCopy
QueryPathOfRegTypeLi
LoadTypeLibEx
SafeArrayCreate
SysStringLen

msvcrt

_flushall
iswalnum
_makepath
_wchmod
_memicmp
atof
_mbctolower
_mbsicmp
_strnicmp
_itoa
signal

Sections

.text
Size: 5KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4a55314ff9e816ac028a744ef960b2c

Headers

File Characteristics

Imports

ws2_32

user32

comdlg32

kernel32

oleaut32

msvcrt

Sections

.text Size: 5KB - Virtual size: 223KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 5KB - Virtual size: 223KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 19KB - Virtual size: 18KB