03f67e87fe0c2f0daffecd737eeab4e5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03f67e87fe0c2f0daffecd737eeab4e5_JaffaCakes118
Size

556KB
MD5

03f67e87fe0c2f0daffecd737eeab4e5
SHA1

705a545dcacf056ad495ed7672aaac27eee8c879
SHA256

7435d77fb6b3beb8b88ac7766835406396024be63d38cec86007cdd7a34bc4b0
SHA512

b670f10448f74b8d7999505deef3036a1735e2a690146557abc49c2f543f28665ef2b8c214deca572b5a444f09c558e3981926af766d67c19e4559e0a66873db
SSDEEP

6144:XQeq/LnQDUaI3noUeY7EiiM77Ghtzyzqo+x5dmFQaKJQ:gX/8Yb3nXoiiM7isnW5dxdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f67e87fe0c2f0daffecd737eeab4e5_JaffaCakes118

Files

03f67e87fe0c2f0daffecd737eeab4e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b276a01554d95dbba6b2507cd6f93226

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleActiveScreenBuffer
SizeofResource
UnhandledExceptionFilter
SetConsoleMode
ReadConsoleInputW
FreeResource
SetErrorMode
GetBinaryTypeW
LoadResource
OpenMutexA
UnmapViewOfFile
ExitProcess
WriteConsoleOutputW
FindFirstFileA
_hread
EnumResourceNamesW
RaiseException
GetModuleHandleA
GetCompressedFileSizeW
CreateFileW
GenerateConsoleCtrlEvent
SetVolumeLabelA
VirtualUnlock
GetDiskFreeSpaceExA
lstrcmpiW
PulseEvent
GetSystemDefaultLangID
SetThreadAffinityMask
GetLongPathNameA
GetACP

oleaut32

SetErrorInfo

user32

SendInput
GetMenu
GetClassNameA
IsIconic
GetMenuItemCount
GetClipboardViewer
ToUnicodeEx
LoadCursorA

ws2_32

WSAAddressToStringW
shutdown
select
WSANtohs
htonl
ioctlsocket
closesocket
gethostname

gdi32

DeleteObject
StartPage
CopyMetaFileW
DeleteDC
Pie
GetTextCharacterExtra
Polygon
OffsetViewportOrgEx

advapi32

ImpersonateSelf
GetSidSubAuthorityCount
EqualSid
LookupPrivilegeValueA
AccessCheckAndAuditAlarmA
CryptVerifySignatureA
RegQueryValueA
RegSetValueA
BuildTrusteeWithNameW
RegisterEventSourceA
EnumDependentServicesA
DeregisterEventSource

msvcrt

_wgetcwd
strncpy
setvbuf
_chdrive
_endthread
_makepath
ferror
_wsopen
fgets
abort
_ismbcspace
_snprintf
mbtowc
memchr
_open_osfhandle

Sections

.text
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b276a01554d95dbba6b2507cd6f93226

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

ws2_32

gdi32

advapi32

msvcrt

Sections

.text Size: 302KB - Virtual size: 302KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 233KB - Virtual size: 232KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 302KB - Virtual size: 302KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 233KB - Virtual size: 232KB

.rsrc
Size: 16KB - Virtual size: 16KB