ffe68c66c3b6ad08aa8bc46409b12131_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffe68c66c3b6ad08aa8bc46409b12131_JaffaCakes118
Size

548KB
MD5

ffe68c66c3b6ad08aa8bc46409b12131
SHA1

038db2dfc1f94912f3c53c5c0f9751535d2e27e5
SHA256

ff59eca280a2b040efdf7b04ac2793b84d4fed4285567e09fcaab0119d9a45ed
SHA512

67af7ae120864e984776ef762e9a8ac4b963deb3cd0d61d907662257d03bb55e93fd0ee799db7a791743effa8fd5f7b7f2239dfba3e0088cf9df1d733deb4c38
SSDEEP

12288:yMjR2XFOVDn/dTO10n6B3jbVSRiqivv85IiOuqlpFvfb7pK+9M/0J/9BT:yMjR2XFOd5O10n6B3jZ3qvQtF3hK+99

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffe68c66c3b6ad08aa8bc46409b12131_JaffaCakes118

Files

ffe68c66c3b6ad08aa8bc46409b12131_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f788c134600e5a238bc43b55d2ba7f36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lmgr8b

ord244
ord63
ord43
ord194
ord59
ord34
ord32
ord33
ord79
ord52
ord61
ord45

sx32w

RNBOsproFindFirstUnit
RNBOsproSetContactServer
RNBOsproInitialize
RNBOsproFormatPacket
RNBOsproFindNextUnit
RNBOsproRead

kernel32

GetVersion
TerminateThread
WaitForSingleObject
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryA
ResumeThread
SuspendThread
GetCurrentThread
SetProcessWorkingSetSize
OpenProcess
GetCurrentProcessId
GetPriorityClass
GetCurrentProcess
CreateProcessA
GetModuleFileNameA
CreateFileA
CloseHandle
ReadFile
SetFilePointer
WriteFile
GetEnvironmentVariableA
Sleep
GetFileType
GetFileAttributesA
GetLastError
SetErrorMode
GetVersionExA
GetLocalTime
SetEndOfFile
GetStdHandle
FormatMessageA
DebugBreak
RaiseException
SetLastError
VirtualQuery
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
VirtualAlloc
VirtualFree
DeleteFileA
SetThreadPriority
GetACP
SetConsoleCtrlHandler
GetCommandLineA
GetTempFileNameA
GetTempPathA
GetFullPathNameA
GetFileInformationByHandle
FlushFileBuffers
HeapAlloc
GetStartupInfoA
ExitProcess
GetTimeZoneInformation
GetSystemTime
TerminateProcess
HeapFree
HeapReAlloc
MultiByteToWideChar
RtlUnwind
UnhandledExceptionFilter
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
GetCPInfo
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW

user32

LoadCursorA
LoadIconA
MessageBoxA
GetSysColor
GetDC
GetDesktopWindow
KillTimer
RegisterClassA
DialogBoxParamA
SetWindowTextA
ReleaseDC
MessageBeep
SetDlgItemTextA
EndDialog
GetDlgItemTextA
GetWindowRect
GetClientRect
CreateWindowExA
SetTimer
SetWindowPos
ShowWindow
GetWindowPlacement
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA

gdi32

LineTo
MoveToEx
DeleteObject
TextOutA
GetDeviceCaps
CreatePen
GetStockObject
CreateFontIndirectA
SelectObject
GetTextMetricsA
GetCharWidthA
SetBkMode
SetBkColor
SetTextColor

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 436KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f788c134600e5a238bc43b55d2ba7f36

Headers

File Characteristics

Imports

lmgr8b

sx32w

kernel32

user32

gdi32

advapi32

Sections

.text Size: 436KB - Virtual size: 433KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 84KB - Virtual size: 2.8MB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 436KB - Virtual size: 433KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 84KB - Virtual size: 2.8MB

.rsrc
Size: 4KB - Virtual size: 4KB