bc696971c53390ebef89194113903d1a_JaffaCakes118

General

Target

bc696971c53390ebef89194113903d1a_JaffaCakes118
Size

1.5MB
MD5

bc696971c53390ebef89194113903d1a
SHA1

4d470e504913b5b5c67fab04369bae9c776078ba
SHA256

3def7a087d2d8e456f8542728f512a0c97e5ba27fa88c97b97e874ee61fe2e89
SHA512

cefc1100a35f00a6bd02283b5bfed8a21e0c598298791faf9fec6e515b01243a70631b38e2fe786853c64fcf4d147710416f219aafde79632928d0fec9f3245a
SSDEEP

24576:s7n5V+aS3rnLlv9dKCDygqwKrupvuwdl8H31eUowgwBN7qqiDK9uarhKHd:s75w7dnO+KruB+AJHwBN7vi8c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc696971c53390ebef89194113903d1a_JaffaCakes118

Files

bc696971c53390ebef89194113903d1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82c698412fdd4fddcd94a69aae68d6af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SwitchToThisWindow
SetParent
CopyIcon
AdjustWindowRectEx
GetWindowLongA
GetMessageW
IsDialogMessageW
DefWindowProcW
SetWindowContextHelpId
MonitorFromPoint
SetWinEventHook
SetKeyboardState
ChangeDisplaySettingsW
ShowScrollBar
GetClassLongW
GetNextDlgGroupItem
OemKeyScan
DefWindowProcA
WaitMessage
EndMenu
SetMenuInfo
LoadKeyboardLayoutA
CreateDialogIndirectParamA
TabbedTextOutA
LoadIconA
SetThreadDesktop
LoadMenuIndirectA
GetLastActivePopup
EnumDisplaySettingsExA
WindowFromDC
ExcludeUpdateRgn

kernel32

WriteFile
FormatMessageA
GetCommState
IsDBCSLeadByteEx
GlobalDeleteAtom
DuplicateHandle
SetMailslotInfo
LeaveCriticalSection
CreateProcessA
GetCPInfo
lstrcmpA
GetEnvironmentVariableW
IsProcessorFeaturePresent
GetTapeStatus
CreateNamedPipeW
CreatePipe
FindResourceExW
GetACP
FindFirstFileA
SetProcessShutdownParameters
DeleteFiber
LCMapStringA
EnumTimeFormatsW
RaiseException
GetHandleInformation
SetThreadLocale
ExitProcess
GetProcessTimes
EraseTape
GetFileAttributesA
MoveFileW
GetProfileIntA
IsBadWritePtr

gdi32

Polygon
EndPath
SetMapperFlags
TextOutA

ole32

CoUninitialize
OleSetContainedObject
OleCreate
OleGetIconOfClass

ws2_32

WSACleanup
WSASocketW
WSARecvFrom
recv
htonl
ntohl
WSAGetQOSByName

Sections

.text
Size: 7KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82c698412fdd4fddcd94a69aae68d6af

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

ws2_32

Sections

.text Size: 7KB - Virtual size: 224KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 224KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 17KB - Virtual size: 16KB