ce691d304fdd54e8c8e2f33044e6fd4d_JaffaCakes118

General

Target

ce691d304fdd54e8c8e2f33044e6fd4d_JaffaCakes118
Size

164KB
MD5

ce691d304fdd54e8c8e2f33044e6fd4d
SHA1

8260005971baba68a0df88b4fa9d12f65d9bae91
SHA256

b830688131db2e42dcb4d4e516a35db5735a2ad0c058a113a642330ebd358a42
SHA512

318fb4f0644d98204825d5e4784188f85daf52b9c0b062f906b40b5eb02311a251070b2ea625cce6ae02417cab6e32c1a009f765941838dad9d432825a24d53a
SSDEEP

3072:CFYKXM6P9b1RGaHlJXsGHRR3DURaUELB7VffPN:Cx8q9vGitsGHHLfH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce691d304fdd54e8c8e2f33044e6fd4d_JaffaCakes118

Files

ce691d304fdd54e8c8e2f33044e6fd4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7f18b73d6b6924cd359049ea402916d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
DragQueryPoint
SHGetSpecialFolderPathW
ExtractIconA

version

VerInstallFileA
GetFileVersionInfoA
VerFindFileA

ws2_32

WSADuplicateSocketA
WSAConnect
ntohl
WSAUnhookBlockingHook
WSARecv
WSAEnumNetworkEvents

kernel32

SetConsoleCursorPosition
LoadResource
GetComputerNameW
GetTempPathW
CreateWaitableTimerA
GetFileType
GetProfileStringA
ReadConsoleInputW
SuspendThread
PulseEvent
GetSystemDirectoryW
LocalFileTimeToFileTime
EnumCalendarInfoA
GlobalGetAtomNameW
EnumTimeFormatsW
ExitProcess
EnumResourceLanguagesW
_lopen
GetPrivateProfileStringA
IsBadWritePtr
WritePrivateProfileSectionW
IsDBCSLeadByteEx
GetTempFileNameA
EnumResourceNamesW
GetBinaryTypeA
WritePrivateProfileStringA
WritePrivateProfileStructA
CreateDirectoryExA
SetCommMask
SetEndOfFile
OutputDebugStringA
SetErrorMode
SetEnvironmentVariableA
SetStdHandle
GetStartupInfoA
LocalLock
GetFileAttributesExA
FindFirstFileExW
PrepareTape
GetPrivateProfileSectionW
WriteConsoleOutputW
InitializeCriticalSection
SetTimeZoneInformation
CopyFileExW

user32

DestroyAcceleratorTable
ShowScrollBar
wsprintfW

msvcrt

sscanf
_cwait
atof
fscanf
strncmp
_open_osfhandle
_wspawnvp
_tempnam
fwprintf
_wtol
_chsize

Sections

.text
Size: 12KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7f18b73d6b6924cd359049ea402916d

Headers

File Characteristics

Imports

shell32

version

ws2_32

kernel32

user32

msvcrt

Sections

.text Size: 12KB - Virtual size: 109KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 109KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 4KB - Virtual size: 2KB