b770d4d501f49f37537d9dbc70f1a273_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b770d4d501f49f37537d9dbc70f1a273_JaffaCakes118
Size

3.7MB
MD5

b770d4d501f49f37537d9dbc70f1a273
SHA1

694fe72914a1475c2b182d14064fcb6c3d36562f
SHA256

7f1f635a275845523610b7b07e242e15f374a51af6cfe5245091faa1aa2cd61d
SHA512

dd7f3c78e92d3b674c837f48fc77b15f6be682b60c3c87cfcb56790e5b988fb4962ab08e633a4fae48f0a61dadd9137b30c69abc4009228ccf09e4908599238f
SSDEEP

98304:9gJVUwHi0KbTX+mJ4L+a04OTcgr2d6jsMQ:9XwJKbS+ahOQgtJQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b770d4d501f49f37537d9dbc70f1a273_JaffaCakes118

Files

b770d4d501f49f37537d9dbc70f1a273_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e185316304ec7b5f29fa1526d619a0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetStartupInfoA
AllocConsole
LoadLibraryExA
RemoveDirectoryW
GetCommConfig
SetVolumeLabelA
GlobalFindAtomW
GetUserDefaultLCID
ReleaseMutex
PeekNamedPipe
GetModuleFileNameW
GetPrivateProfileSectionW
SetEnvironmentVariableW
GetFileAttributesA
VirtualQuery
DeleteFiber

version

VerFindFileA

comdlg32

ChooseColorW
PrintDlgA

shell32

SHGetSpecialFolderLocation
DragQueryPoint
DragFinish
SHGetSpecialFolderPathA

user32

CharLowerBuffW
CharUpperW
CharNextExA
GetMonitorInfoW
CreateWindowExA
SetProcessWindowStation
IsIconic
CountClipboardFormats
BroadcastSystemMessageW
DrawIcon
SetMenuItemInfoA
GetFocus
GetProcessDefaultLayout
GrayStringW
CallNextHookEx
MapWindowPoints
EnumDisplaySettingsW
SetWindowPlacement
EnumDesktopsA
GetDC
CreateIcon
GetMenuItemInfoA
GetScrollPos
GetAsyncKeyState
GetThreadDesktop
RegisterClassExW
GetClassInfoA
SetClassLongA

ws2_32

WSAGetServiceClassNameByClassIdW
WSASetServiceW
recv
WSAGetServiceClassInfoW
WSAAsyncGetServByPort
WSASendDisconnect
gethostbyaddr
sendto
WSAConnect

msvcrt

_wgetcwd
tolower
_mbsinc
_sopen
_mbsnextc
_mbscpy
fread
strpbrk
strtok
strcspn
qsort
sscanf
mbtowc
_spawnlp
_snwprintf
ftell
_dup2

Sections

.text
Size: 2KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e185316304ec7b5f29fa1526d619a0d

Headers

File Characteristics

Imports

kernel32

version

comdlg32

shell32

user32

ws2_32

msvcrt

Sections

.text Size: 2KB - Virtual size: 220KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 220KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 19KB - Virtual size: 18KB