daceb059aaa4bda6b5ef0b090ecd03b8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

daceb059aaa4bda6b5ef0b090ecd03b8_JaffaCakes118
Size

19KB
MD5

daceb059aaa4bda6b5ef0b090ecd03b8
SHA1

87cb605de68535ef3879a8cb782ede08ae6fbb78
SHA256

28aac1f817309c523bd1595209c8483f294eea7213959acfa631d74194f38491
SHA512

ad464b6453255bd342723662d4cec73113fd78b44a966ffa9a924093ecc60b5accc295c0cdca3f45d5063ce7bb7f42c1066be334ebd0dd89f51edef590393fc4
SSDEEP

384:ip7+2I8napiumQEDJ0rTEc0WJcNAnkoGN32:ipFzhQOKN0Wj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daceb059aaa4bda6b5ef0b090ecd03b8_JaffaCakes118

Files

daceb059aaa4bda6b5ef0b090ecd03b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa669ac0634f9fc6511c16f24214b6b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalMemoryStatus
MultiByteToWideChar
OpenProcess
Process32First
Process32Next
ReadFile
RtlZeroMemory
FindClose
GetTimeFormatA
SetPriorityClass
Sleep
TerminateProcess
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
CloseHandle
ExitProcess
GetTempPathA
GetSystemDirectoryA
GetPriorityClass
GetModuleHandleA
GetLogicalDriveStringsA
GetLocaleInfoA
GetFileSize
GetLocalTime
GetDriveTypeA
GetCurrentProcessId
GetComputerNameA
FindNextFileA
SetFilePointer
FindFirstFileA
DeleteFileA
CreateToolhelp32Snapshot
CreateFileA
SetErrorMode

user32

MessageBoxA
GetSystemMetrics
ReleaseDC
SendMessageA
GetDesktopWindow
GetDC
ReleaseCapture
wsprintfA

ws2_32

connect
gethostbyname
WSAStartup
WSACleanup
gethostname
htons
inet_addr
inet_ntoa
recv
send
socket
closesocket

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA
SHGetFileInfoA

gdi32

BitBlt
CreateCompatibleDC
DeleteDC
SelectObject
CreateCompatibleBitmap

psapi

GetModuleFileNameExA

gdiplus

GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdiplusShutdown
GdiplusStartup
GdipDisposeImage

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa669ac0634f9fc6511c16f24214b6b6

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

shell32

gdi32

psapi

gdiplus

avicap32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 134KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 134KB