d0c8b104128069da01e9e2d8910021dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0c8b104128069da01e9e2d8910021dc_JaffaCakes118
Size

151KB
MD5

d0c8b104128069da01e9e2d8910021dc
SHA1

6a635934ef2fb7cfdfcc81ff7ff31c48d0bce023
SHA256

4ce33288a498542dc25531f7c6f607fe9e4c1db64a5a1275003f24efed4b3040
SHA512

2e4b5a2a5bedc66cda1dabf9031c7b9031bd40bb64a9d2c7e0331090152220b739bdf6d913f7576bd54d2492340d02493231881d3d1fbc1bb62571c8d244cdcf
SSDEEP

3072:PKp1nouE3Rg5xF2IGjnZTsqzmCNtr6OUTmXKY+tk393h:Cnnov3RWjGqCr6OyHtk3X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0c8b104128069da01e9e2d8910021dc_JaffaCakes118

Files

d0c8b104128069da01e9e2d8910021dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da4c70e36d7f9abece78b422d14387b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetCommandLineA
GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
FatalAppExitA
LeaveCriticalSection
VirtualAlloc
InitializeCriticalSection
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
WriteFile
SetFilePointer
CloseHandle
GetProcessHeap
HeapFree
HeapAlloc
EnterCriticalSection
Sleep
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStringTypeW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion

user32

SetScrollInfo
SendMessageW
GetClientRect
GetForegroundWindow
GetSystemMetrics
GetWindowRect
SetWindowsHookExA
SetWindowLongA
PostMessageA
IsDialogMessageA
SetWindowTextW
FindWindowW
IsIconic
LockWindowUpdate
CreateWindowExW
GetTopWindow
FrameRect
GetDoubleClickTime
SetParent
SetCursor
DestroyMenu
DispatchMessageA
SetMenuItemInfoA
GetMenuItemInfoA
GetMessageTime
DrawTextW
ScrollWindow
GetDlgCtrlID
GetSysColor
MapWindowPoints

advapi32

RegOpenKeyExA
OpenSCManagerA
RegQueryValueExA
OpenServiceA
OpenThreadToken
QueryServiceStatus
RegCloseKey

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CoRegisterClassObject

ws2_32

getservbyport
getprotobynumber
getsockname
htons
shutdown
setsockopt
WSAStartup
socket
WSACleanup
send
gethostbyname
gethostname
getpeername
sendto
getservbyname

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da4c70e36d7f9abece78b422d14387b8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 45KB - Virtual size: 187KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 45KB - Virtual size: 187KB