fffb2731af01541f470d65297ffa548a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fffb2731af01541f470d65297ffa548a_JaffaCakes118
Size

5.0MB
MD5

fffb2731af01541f470d65297ffa548a
SHA1

eb0b0ccfc2ba59d58bd347bb503b82fff4233379
SHA256

31acad9e7935b412bdc95036d99f528453410d02b560b3048f36208014547cac
SHA512

40f21f5f9d1ef1ab4d9e0783743ea60403aefc031720ca2fd466e0d238ab3ca7db2146d75baff859307290ddbf459d8b8e41a09636b2bbcbda6c90f891597651
SSDEEP

98304:reNgBq1wzIsys4tlBZ8U/v/+oKpieurZCI19lvBK1jyeUkjGuGl27K/DeRYcNN3X:rgzwzIsyFxOUH/+o2i/gKdeUyGuG87EA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sample

Files

fffb2731af01541f470d65297ffa548a_JaffaCakes118
.bz2
sample
.exe windows:4 windows x86 arch:x86

d989e0c25d5a43fb34ce0ee7f265144e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\ss\data\bin\client.pdb

Imports

kernel32

lstrcpy
SetConsoleScreenBufferSize

imm32

ImmSetCompositionStringA

user32

DrawTextA

gdi32

GetDeviceGammaRamp

advapi32

RegOpenKeyA

shell32

ShellExecuteA

winmm

mmioAdvance

d3d8

Direct3DCreate8

dsound

ord11

libiconv2

ord5

dbghelp

SymGetOptions

ddraw

DirectDrawCreateEx

ws2_32

recvfrom

dinput8

DirectInput8Create

Sections

.text
Size: 4.1MB - Virtual size: 16.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 956KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 792KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d989e0c25d5a43fb34ce0ee7f265144e

Headers

File Characteristics

PDB Paths

Imports

kernel32

imm32

user32

gdi32

advapi32

shell32

winmm

d3d8

dsound

libiconv2

dbghelp

ddraw

ws2_32

dinput8

Sections

.text Size: 4.1MB - Virtual size: 16.3MB

.rsrc Size: 44KB - Virtual size: 109KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 956KB

.data Size: 792KB - Virtual size: 792KB

.data Size: 4KB - Virtual size: 4KB

.text Size: 92KB - Virtual size: 92KB

.text
Size: 4.1MB - Virtual size: 16.3MB

.rsrc
Size: 44KB - Virtual size: 109KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 956KB

.data
Size: 792KB - Virtual size: 792KB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 92KB