b9a5b6401f19f9373a3ed10cba671837_JaffaCakes118

General

Target

b9a5b6401f19f9373a3ed10cba671837_JaffaCakes118
Size

9KB
MD5

b9a5b6401f19f9373a3ed10cba671837
SHA1

a49878500c25971b0a6fe831d76e531914477e8c
SHA256

ef8f98e8f1dc1d1dc86f51f2c6d2550a95912d38fd052830b0c10ec29965fe28
SHA512

5f866c270ac00d4435f8f56dba0f32b0adeb89d0ea150e2faa5e8407cd0d1206ffb8389176bfa98a0babdd2bc41f6765660757ee71b57594357171b01aae3a03
SSDEEP

192:A1sJXn3WbnNvCL2bJ3iXNIDwmQgKlnAjP1oyn2Iz:ADn9C2IXNaQ7lAr14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9a5b6401f19f9373a3ed10cba671837_JaffaCakes118

Files

b9a5b6401f19f9373a3ed10cba671837_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eff1002ef601b93c3189577f0083cab6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetLastError
CreateFileMappingA
OutputDebugStringA
ResetEvent
MapViewOfFile
SetEvent
CreateEventA
GetModuleHandleA
GetStartupInfoA
CreateFileA
WriteFile
UnmapViewOfFile
WaitForSingleObject
LoadLibraryA

user32

LoadIconA
EndDialog
SetDlgItemTextA
LoadStringA
SetDlgItemInt
MessageBoxA
DestroyWindow
MsgWaitForMultipleObjects
SendMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
EnableWindow
CreateDialogParamA
ShowWindow
TranslateMessage
DispatchMessageA
PeekMessageA
DialogBoxParamA

comdlg32

GetSaveFileNameA

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ws2_32

WSAStartup
select
WSACleanup
socket
htons
inet_addr
gethostbyname
connect
closesocket
send
recv
__WSAFDIsSet

winmm

timeGetTime

msvcrt

??2@YAPAXI@Z
sprintf
??3@YAXPAX@Z
memset
memcpy
strcpy
strcat
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eff1002ef601b93c3189577f0083cab6

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ws2_32

winmm

msvcrt

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 2KB