dbaa06632493bc6feb1a10b148bef92d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbaa06632493bc6feb1a10b148bef92d_JaffaCakes118
Size

176KB
MD5

dbaa06632493bc6feb1a10b148bef92d
SHA1

7cb35f093f645d6238454cedf61d4c6993324c1c
SHA256

0a9ac013e354bc6eba78038a073a4b84461b22ba6a25099e4f27f23af2b7b583
SHA512

34cd80c774bd859d099f0e610a44061e781b36dbb70e25340c5174169cf0c48a898d83f77a63f8c8544ccb73a4fd37ee1efcbe3acec502944ea35ccd6a326d9a
SSDEEP

3072:K8Ex3ow+aeg3/NIg+F35dnA5hNhLHMcsu9Psry:tk3ow+alNEjA5hLH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbaa06632493bc6feb1a10b148bef92d_JaffaCakes118

Files

dbaa06632493bc6feb1a10b148bef92d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56e2159d70c19a5970867fa4ca83d15b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
Sleep
lstrcpyA
GlobalAlloc
FindResourceA
OpenProcess
GetWindowsDirectoryA
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalUnlock
LoadResource
LockResource
WinExec
CopyFileA
CloseHandle
GetVersion
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetStdHandle
GetStartupInfoA
GetModuleHandleA
DeleteFileA
GetLastError
HeapFree
GetCurrentProcess
ExitProcess
GetFileType
RtlUnwind
WriteFile
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
FlushFileBuffers
GetStdHandle
GetCommandLineA
SetFilePointer

user32

TranslateAcceleratorA
GetWindowTextA
RegisterClassExA
KillTimer
GetWindowThreadProcessId
LoadIconA
DestroyWindow
LoadCursorA
TranslateMessage
GetMessageA
LoadAcceleratorsA
LoadStringA
SetFocus
wsprintfA
SetTimer
GetWindow
DispatchMessageA
GetDlgItem
PostMessageA
SetWindowTextA
CheckDlgButton
DefWindowProcA
BeginPaint
ShowWindow
GetDlgItemTextA
SendMessageA
CreateDialogParamA
EndDialog
SetDlgItemTextA
EndPaint
GetClientRect
DrawTextA
MessageBoxA
PostQuitMessage
CreateWindowExA
DialogBoxParamA

advapi32

RegEnumValueA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

ole32

CoCreateInstance
CoInitialize

rasapi32

RasDeleteEntryA
RasEnumDevicesA
RasDialA
RasSetEntryDialParamsA
RasSetEntryPropertiesA
RasGetErrorStringA
RasHangUpA
RasEnumConnectionsA

wininet

InternetAttemptConnect
HttpOpenRequestA
InternetOpenA
InternetConnectA
HttpSendRequestA

wsock32

ioctlsocket
WSAStartup
socket
htons
gethostbyname
sendto
closesocket

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ABC
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

56e2159d70c19a5970867fa4ca83d15b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rasapi32

wininet

wsock32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 84KB - Virtual size: 84KB

.ABC Size: 4KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 84KB - Virtual size: 84KB

.ABC
Size: 4KB - Virtual size: 4KB