cec8471b6afb7ce7ef8de4f4ffa9fcf4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cec8471b6afb7ce7ef8de4f4ffa9fcf4_JaffaCakes118
Size

1.9MB
MD5

cec8471b6afb7ce7ef8de4f4ffa9fcf4
SHA1

51aa0560eced9f0ce9871bab8dcfa03724b99183
SHA256

bf78d1e18d6740b7caa9d2c907093e7187be9e3bee73c81a271fb8564732941d
SHA512

e824764078bd9f36dae8ddc2046921e025005b1968c0a83861f47fc21c059bb52553e4df7a4b3c9d8c1ff520848a0ae053a2332a4c73cbe3bc95f8f027acb221
SSDEEP

24576:yiPLQ29u26fkQz3qimHWnmEpicRBdwiN1HDFKTKR2XfFKd/0+/uUaLjI:pPU0QfkQLq1PAjRciNGGR2vF6/p/enI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec8471b6afb7ce7ef8de4f4ffa9fcf4_JaffaCakes118

Files

cec8471b6afb7ce7ef8de4f4ffa9fcf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c711079ffc9977143dee0565bce3213

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
SetSystemPowerState
GetCPInfo
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
GetProfileStringW
VirtualProtect
lstrcmpiA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetEndOfFile
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
GetOEMCP
GetACP
LoadLibraryA
CreateFileA
FlushFileBuffers
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
CloseHandle
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
SetFilePointer
ReadFile
WriteFile
GetStdHandle
GetSystemInfo

user32

SetWindowsHookExA
SystemParametersInfoA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
MapDialogRect
LoadIconA
OffsetRect
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
SetWindowLongA
IsDialogMessageA
GetActiveWindow
AppendMenuA
GetMessageA
CloseClipboard
EndDialog

ws2_32

WSASocketA
WSACreateEvent
WSAConnect
gethostbyaddr
socket
connect
closesocket
bind
accept

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 380KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c711079ffc9977143dee0565bce3213

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 392KB - Virtual size: 392KB

.data Size: 380KB - Virtual size: 1.9MB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 392KB - Virtual size: 392KB

.data
Size: 380KB - Virtual size: 1.9MB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 9KB