d402754f2b1b5d9f56ab88e6d0a636c3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d402754f2b1b5d9f56ab88e6d0a636c3_JaffaCakes118
Size

220KB
MD5

d402754f2b1b5d9f56ab88e6d0a636c3
SHA1

ecbd5073a7d5a87f0d84801ea54e444fff67d285
SHA256

25d5282a4d7a79fc3bad945ca4369afa93779f0b9fa396a8d9219de95ccb1251
SHA512

c8be87b588a4e5c833b2bdd984ea409e258567bc9160b6b2d089f020eabe2223551d0223be570ed619b2cf20acc5e6706e9d8bd41cdf03be89972e8f1c8ba40c
SSDEEP

6144:wHaVMa79HVphCciXw/0C5pcy5K7OqCbHX:wYMa7pVmcik0cp75UOqCLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d402754f2b1b5d9f56ab88e6d0a636c3_JaffaCakes118

Files

d402754f2b1b5d9f56ab88e6d0a636c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e14517a8d733e3ab3b111b9351d913ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
WritePrivateProfileSectionW
LocalLock
EnumResourceNamesA
GetSystemDirectoryW
EnumSystemCodePagesA
SetProcessWorkingSetSize
ClearCommBreak
GetSystemDefaultLangID
SetEndOfFile
CreateProcessA
WritePrivateProfileStringW
GetLargestConsoleWindowSize
GetVolumeInformationW
GetAtomNameA
VirtualLock
GetDiskFreeSpaceExA
_hread
DebugBreak
WriteConsoleOutputCharacterA
GetOEMCP
GetModuleHandleA
WritePrivateProfileStructA
GetFileType
RemoveDirectoryW
GetWindowsDirectoryA
TlsGetValue
EndUpdateResourceA
SetCurrentDirectoryA
lstrcpynA
SetCommMask
FreeResource
SetConsoleCursorPosition
VirtualAlloc
GlobalGetAtomNameW
FindCloseChangeNotification
VirtualQuery
SuspendThread
SetFileTime
GetStartupInfoA

user32

AttachThreadInput
GetClassInfoA
VkKeyScanA
DefMDIChildProcA
ShowOwnedPopups
ExitWindowsEx
IsWindowVisible
LoadBitmapA
PostMessageA
GetNextDlgGroupItem
UnregisterClassA
SetCaretBlinkTime
WindowFromPoint
InvalidateRect

gdi32

OffsetWindowOrgEx
PlayEnhMetaFileRecord
SetDIBColorTable
GetSystemPaletteEntries
CreateRoundRectRgn
ExtTextOutA
ScaleViewportExtEx
CreateHatchBrush

advapi32

CryptGetHashParam
RegLoadKeyW
ObjectDeleteAuditAlarmW
CryptHashData
AllocateLocallyUniqueId
BuildTrusteeWithSidW
GetUserNameA

ole32

CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
SetErrorInfo
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ws2_32

WSAIoctl
WSANtohl
WSAJoinLeaf
WSASendDisconnect
WSALookupServiceEnd
WSAStartup

msvcrt

exit
_XcptFilter
_exit
wcscmp
asctime
_mbsnbcpy
_open_osfhandle
fgets
_tempnam
_fsopen
wcsftime
perror
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e14517a8d733e3ab3b111b9351d913ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

version

ws2_32

msvcrt

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 208KB - Virtual size: 207KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 208KB - Virtual size: 207KB