d341059eff8cd9907600e27b82463522_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d341059eff8cd9907600e27b82463522_JaffaCakes118
Size

2.0MB
MD5

d341059eff8cd9907600e27b82463522
SHA1

12b5b2fd99011766d98c52143975b3bca15e7cf3
SHA256

e31b1f7f6237791999f9766bf3e2351cd56af4f142afc260c6d54f5a14aac483
SHA512

0df385c3afd4fade1342cf1758de697ea3d68e334f826584cab0e5faf09b04c0b7c7b2e8a0d3f6f49e657050ac27c0cdafb14953adb90a2a9fb79922bcc4857f
SSDEEP

49152:qVLkQTb6CrYEcY53cY30AzZlCV0Smf9zd6/BXPG0IBWGQ2:qZkyPrYEcY53cY30AzZlCVcf9zd6/hGV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d341059eff8cd9907600e27b82463522_JaffaCakes118

Files

d341059eff8cd9907600e27b82463522_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79e8ca1bae7958ef27fcb03267260db7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControls

gdi32

ChoosePixelFormat
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
SetPixelFormat
SwapBuffers

kernel32

AddAtomA
AllocConsole
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FreeConsole
FreeLibrary
GetAtomNameA
GetCommandLineA
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
LoadLibraryA
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
SetUnhandledExceptionFilter
Sleep
WriteFile

msvcrt

_close
_dup
_open
_read
_unlink
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_isctype
_lseeki64
_mkdir
_onexit
_pctype
_setjmp
_setmode
_stricmp
_strnicmp
_vsnprintf
abort
acos
asin
atan
atan2
atexit
atof
atoi
ceil
cos
exit
exp
floor
fmod
free
fwrite
getenv
gmtime
localtime
log
longjmp
malloc
memcpy
memmove
memset
pow
printf
qsort
rand
signal
sin
sqrt
srand
sscanf
strchr
strcmp
strcspn
strftime
strlen
strncmp
strrchr
strspn
strstr
strtol
tan
time
tolower
toupper

user32

AdjustWindowRectEx
ChangeDisplaySettingsA
ClipCursor
CloseClipboard
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumDisplaySettingsA
GetClipboardData
GetCursorPos
GetDC
GetKeyboardState
GetMessageA
GetSystemMetrics
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
OpenClipboard
PeekMessageA
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SetCapture
SetCursorPos
SetForegroundWindow
SetWindowPos
ShowCursor
ShowWindow
SystemParametersInfoA
ToAscii
TranslateMessage
UpdateWindow

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciSendCommandA
timeBeginPeriod
timeGetTime
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
freeaddrinfo
getaddrinfo
getsockname
htons
ioctlsocket
ntohs
recvfrom
select
sendto
setsockopt
socket

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 29.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79e8ca1bae7958ef27fcb03267260db7

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

msvcrt

user32

winmm

ws2_32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.data Size: 83KB - Virtual size: 82KB

.rdata Size: 358KB - Virtual size: 357KB

.bss Size: - Virtual size: 29.6MB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 282KB - Virtual size: 282KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 83KB - Virtual size: 82KB

.rdata
Size: 358KB - Virtual size: 357KB

.bss
Size: - Virtual size: 29.6MB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 282KB - Virtual size: 282KB