dae1bafae7a1ba7ca43511015b0255fe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dae1bafae7a1ba7ca43511015b0255fe_JaffaCakes118
Size

420KB
MD5

dae1bafae7a1ba7ca43511015b0255fe
SHA1

89ee03331deac4029eb61578eed01f3a4741b779
SHA256

ecc608ff27602c24fc163677c71def221b888905bb7f28242547d6b294ae7785
SHA512

2beecc765208f7641b1014a034b2a7cdeb880683139492c81312642e33fe33ea3425cea5e412fa60fd94d994e1464168f12054dff3004da4f2008585f8d70fb3
SSDEEP

6144:8B+5W4BuJPNCF2Mf6unmTPGTJg0zazOrXA1CsNdhLJZ9i9RxSQ:g+5WhpGpftmkJg0zazOrXA1d7tJO9vSQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae1bafae7a1ba7ca43511015b0255fe_JaffaCakes118

Files

dae1bafae7a1ba7ca43511015b0255fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0426a9daacc7ef005774692074a4bfe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError
recv
send
closesocket
connect
setsockopt
socket
htons
gethostbyname
WSACleanup
WSAStartup

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemInfo
CreateFileA
SetFilePointer
CloseHandle
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
GetFileAttributesA
CreateDirectoryA
WriteFile
SetFileTime
Sleep
CreateMutexA
GetLastError
CreateProcessA
GetExitCodeProcess
VirtualProtect
GetSystemTimeAsFileTime
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
SetEndOfFile
HeapSize
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetProcAddress
TerminateProcess

user32

PostQuitMessage
EndPaint
DrawTextA
BeginPaint
DefWindowProcA
DestroyWindow
UpdateWindow
ShowWindow
LoadBitmapA
CreateWindowExA
AdjustWindowRectEx
GetClientRect
GetDesktopWindow
RegisterClassExA
LoadCursorA
LoadIconA
InvalidateRect
MessageBoxA
LoadStringA
DispatchMessageA
TranslateMessage
PeekMessageA
wsprintfA

gdi32

DeleteDC
DeleteObject
SetBkMode
BitBlt
SelectObject
CreateCompatibleDC

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0426a9daacc7ef005774692074a4bfe4

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 340KB - Virtual size: 340KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 340KB - Virtual size: 340KB