0055b009a2ee6d3700574c926ca0ad43_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0055b009a2ee6d3700574c926ca0ad43_JaffaCakes118
Size

60KB
MD5

0055b009a2ee6d3700574c926ca0ad43
SHA1

a2458afb2f01c60c30bb4e70693dd1885a8e3a22
SHA256

44caac014ddeb26700f312aabc7df7a0d98c806783aa2a7e1fc6e48d708d912f
SHA512

4b3f27c2a4b83f1854849544bce046e79bc3d1af87b20bdfe56902059b758bff7553d2e5b7beb69770805f282c323aafb116cdae69703d57f2bcde32b7b8086c
SSDEEP

768:18C6TzOdFnFOGyzaZV9fOnHgMshXIo2y01TtSTk8KhjhVeOu/PebRN3HBjZyRL2Y:15lmSI0kdhjhGPihjMRL2dMtEgU7fU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0055b009a2ee6d3700574c926ca0ad43_JaffaCakes118

Files

0055b009a2ee6d3700574c926ca0ad43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eba212e15c07b3645bd61389559c0d97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
Shell_NotifyIconA

user32

OpenClipboard
ModifyMenuA
PostMessageA
MessageBoxExA
MessageBoxA
LoadIconA
LoadCursorA
KillTimer
GetMessageA
GetDlgItemTextA
GetDlgItem
GetDC
GetCursorPos
GetClientRect
FindWindowA
EndPaint
EndDialog
EnableWindow
RegisterClassExA
EmptyClipboard
DrawIconEx
DispatchMessageA
ReleaseDC
SendMessageA
SetActiveWindow
SetClipboardData
DialogBoxParamA
DestroyWindow
DefWindowProcA
CreateWindowExA
CreatePopupMenu
CreateDialogParamA
CloseClipboard
CharLowerA
BeginPaint
UpdateWindow
ShowWindow
SetTimer
TrackPopupMenu
SetFocus
SetDlgItemTextA
SetForegroundWindow
wsprintfA
AppendMenuA
PostQuitMessage
TranslateMessage

kernel32

SizeofResource
OpenMutexA
RtlZeroMemory
ExitProcess
DeleteFileA
CreateProcessA
lstrcpyA
lstrcatA
CloseHandle
GetCommandLineA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
lstrlenA
lstrcpynA
GlobalAlloc
MulDiv
WaitForSingleObject
SystemTimeToFileTime
Sleep
FindResourceA
CreateMutexA
CopyFileA
MultiByteToWideChar
HeapAlloc
LockResource
LoadResource
HeapFree
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalFree

gdi32

CreateFontA
CreateSolidBrush
GetDeviceCaps

comctl32

ord17
ord5
ord6

rasapi32

RasEnumDevicesA
RasEnumConnectionsA
RasDeleteEntryA
RasDialA
RasSetEntryPropertiesA
RasGetConnectStatusA
RasGetErrorStringA
RasHangUpA

ole32

CreateStreamOnHGlobal
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoCreateInstance
IsEqualGUID

oleaut32

OleLoadPicture

wsock32

socket
recv
inet_ntoa
htons
connect
closesocket
WSAStartup
WSAGetLastError
WSACleanup
send
WSAAsyncSelect

advapi32

RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

shlwapi

PathFileExistsA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eba212e15c07b3645bd61389559c0d97

Headers

File Characteristics

Imports

shell32

user32

kernel32

gdi32

comctl32

rasapi32

ole32

oleaut32

wsock32

advapi32

shlwapi

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 32KB

.rsrc Size: 12KB - Virtual size: 28KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 32KB

.rsrc
Size: 12KB - Virtual size: 28KB