cf204b0088fb20c3aade940cecbfa91d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf204b0088fb20c3aade940cecbfa91d_JaffaCakes118
Size

571KB
MD5

cf204b0088fb20c3aade940cecbfa91d
SHA1

b11b7929c09c790e5f2aca4f1e3569f9e4bf7917
SHA256

cdf20568764a8951804bccb7b980dd9f76a67f77d5027b14551a89bc151d1fe7
SHA512

4c9ece31c5d69ef91fb49b55721fdb4088d7f6846b2fc87e36dbc9e195e7a318fe4de6c92a864781fc81b917cdca7d0111f1066e247f00a2d8e44f6670030f98
SSDEEP

12288:1/GHS7Kt+c0qod4hD/iCgyNf4SZTR8310JHF5znetwUalfV7vm7QZ/45y:qSJcod45g6ZlJJfkQ15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf204b0088fb20c3aade940cecbfa91d_JaffaCakes118

Files

cf204b0088fb20c3aade940cecbfa91d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92dc7c0ce8689beb831afc9784a6d936

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
OffsetRect
CloseWindow
GetMenuDefaultItem
OemKeyScan
IsDlgButtonChecked
LoadBitmapA
OpenWindowStationA
HiliteMenuItem
DestroyIcon
FillRect
DispatchMessageW
IsZoomed
SendDlgItemMessageA
CreateIconIndirect
RegisterWindowMessageW
SendNotifyMessageA
FindWindowA
GetWindowLongA
LoadMenuIndirectA
GetMonitorInfoA
CheckDlgButton
SetActiveWindow
DeferWindowPos
PostMessageA
UnregisterClassA

kernel32

GetLocaleInfoW
PurgeComm
ExitProcess
lstrcmpA
FindNextChangeNotification
CompareStringW
DebugBreak
LoadLibraryExA
SetHandleCount
GetComputerNameW
EnumSystemCodePagesW
LCMapStringA
FindFirstFileExW
GetCurrentProcess
SetThreadAffinityMask
_lread
AreFileApisANSI

ole32

OleLockRunning
CoReleaseMarshalData

ws2_32

WSAUnhookBlockingHook
WSAAsyncGetHostByName
WSAAsyncGetServByPort
recv
gethostbyaddr
WSAStringToAddressA
gethostname
ntohl

comctl32

InitCommonControlsEx
ImageList_GetIcon
ImageList_SetOverlayImage

advapi32

RegSetValueExW
RegConnectRegistryA
EqualSid
InitiateSystemShutdownA
AllocateAndInitializeSid
IsValidSecurityDescriptor
GetSidLengthRequired
LookupPrivilegeValueA
OpenServiceA
SetServiceStatus
LookupAccountSidW
CryptGenRandom
GetSecurityInfo
DuplicateTokenEx
GetLengthSid
SetFileSecurityW
GetNamedSecurityInfoA
RegDeleteKeyA
EnumServicesStatusA

Sections

.text
Size: 13KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92dc7c0ce8689beb831afc9784a6d936

Headers

File Characteristics

Imports

user32

kernel32

ole32

ws2_32

comctl32

advapi32

Sections

.text Size: 13KB - Virtual size: 230KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 306KB - Virtual size: 306KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 13KB - Virtual size: 230KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 306KB - Virtual size: 306KB

.rsrc
Size: 17KB - Virtual size: 16KB