b8ebd22cb4f54e833db67ac0b5e17a99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8ebd22cb4f54e833db67ac0b5e17a99_JaffaCakes118
Size

436KB
MD5

b8ebd22cb4f54e833db67ac0b5e17a99
SHA1

52bcddd6001326d2f57f771bc48c57482c7b6159
SHA256

1438f1df27c1d45907ad97e002afb0c7248c25e02c1dbf8e61cf9158f0ec5f42
SHA512

adbacbd55d534cfb0fc32c9fec15c5c80185a4b3f7ae269094593f06aab53c1e5678a15b322ae3983278673e2a4f6155f3f275a0975d75643475353c7196758f
SSDEEP

6144:lKcdp3sCzyJMsxFlRLSLtklMKxScBfmx:lzLzyJvx9eslt5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8ebd22cb4f54e833db67ac0b5e17a99_JaffaCakes118

Files

b8ebd22cb4f54e833db67ac0b5e17a99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e060214b4ac4d189952f4713c8f1dcd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FileTimeToLocalFileTime
SetProcessWorkingSetSize
CreatePipe
GetDriveTypeW
SetupComm
PrepareTape
GetStringTypeExW
GetPrivateProfileStringA
GlobalGetAtomNameW
GetCurrentDirectoryW
EraseTape
SizeofResource
DuplicateHandle
GetDateFormatA
OpenFile
lstrcpyA
RemoveDirectoryA
SetEvent
GetUserDefaultLCID
SuspendThread
FreeResource
SetConsoleWindowInfo
ReleaseSemaphore
FindFirstFileExW
TryEnterCriticalSection
CloseHandle
EnumSystemCodePagesW
GetCommModemStatus
GetLargestConsoleWindowSize
_hread
ClearCommBreak
GetFileType
GetLogicalDriveStringsA
CreateProcessA
MultiByteToWideChar
_llseek
CompareStringW
DebugBreak
VirtualLock
GetFullPathNameA
WriteConsoleOutputW
CreateFileW
WritePrivateProfileSectionA
CreateDirectoryW
IsBadStringPtrA
GlobalAddAtomW
GlobalUnlock
GlobalReAlloc
GetProcessHeap
_lopen
ReadFileScatter
GetNumberFormatW
_lread

user32

PostMessageW
EndMenu
ValidateRgn
GetCapture
LoadMenuIndirectA
AppendMenuA
DrawFocusRect
FindWindowW
OemToCharBuffW
RegisterClipboardFormatA
LoadIconW
SetScrollInfo
SetMenuItemInfoA
RemoveMenu
DrawFrameControl
SetRectEmpty
ToUnicode
CreateIconFromResource
FlashWindow
wvsprintfW
CloseWindowStation
DestroyCursor
SetActiveWindow

version

GetFileVersionInfoA

comdlg32

PageSetupDlgA
GetSaveFileNameW

oleaut32

SafeArrayRedim
SysFreeString
VariantCopy
SafeArrayCreate

ws2_32

WSALookupServiceNextW
WSAEnumProtocolsW
WSAResetEvent
WSAGetLastError
sendto
shutdown
WSADuplicateSocketA

Sections

.text
Size: 4KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e060214b4ac4d189952f4713c8f1dcd9

Headers

File Characteristics

Imports

kernel32

user32

version

comdlg32

oleaut32

ws2_32

Sections

.text Size: 4KB - Virtual size: 253KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 324KB - Virtual size: 320KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 4KB - Virtual size: 253KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 324KB - Virtual size: 320KB

.rsrc
Size: 100KB - Virtual size: 99KB