2ec0a4b90b527ca13eddec1428c6884f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ec0a4b90b527ca13eddec1428c6884f_JaffaCakes118
Size

580KB
MD5

2ec0a4b90b527ca13eddec1428c6884f
SHA1

d85d19380b21127172a6bd7a8c42dc84c2f89bd5
SHA256

f37eaf2a6ecb05850058cfd62dd6ad98f1c107e0c18ce97174b395b2da62b6ae
SHA512

c5025f131641ab64a144101bf169753a86933f2e1db4589a073ea321ba097968902b7268eba619dabd1e16eee65c2a8e7c62dfe4e09b7d2fbc3d3d000d5eb49b
SSDEEP

6144:l8cut2GxoBOFoQr64uOnsca/0b0VtZ+T4wr:lpu5qsFoC6Qsca/PPwr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec0a4b90b527ca13eddec1428c6884f_JaffaCakes118

Files

2ec0a4b90b527ca13eddec1428c6884f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fbe3fe1706ae23d5f551cbf31b3ee886

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
WSASetServiceW
getprotobyname
WSARecv
shutdown
WSAEnumProtocolsW
WSAAsyncGetHostByName

gdi32

CreateEnhMetaFileA
GetFontData
CreateEllipticRgnIndirect
GetTextExtentExPointA
ScaleWindowExtEx
InvertRgn
CreateCompatibleDC
SetDIBits
GetMetaFileBitsEx
CloseMetaFile

user32

CloseClipboard
CharNextA
SendMessageCallbackW
GetProcessWindowStation
MapWindowPoints
wvsprintfW
WindowFromDC
GetSystemMetrics
CreateDialogParamA
LoadKeyboardLayoutW
GetWindowThreadProcessId
ClientToScreen
SetScrollPos
UnhookWindowsHookEx
SendDlgItemMessageA
DialogBoxParamW
PtInRect
DrawStateW
BeginPaint

kernel32

WriteConsoleOutputW
PurgeComm
GetNumberFormatW
CreateWaitableTimerA
SizeofResource
GetCurrentDirectoryW
ExpandEnvironmentStringsW
VirtualFree
SetThreadLocale
GetCurrentProcess
CreateIoCompletionPort
GetModuleFileNameW
GetEnvironmentStringsW
DuplicateHandle
LoadLibraryExA
ClearCommBreak
GlobalReAlloc
GetTempPathW
CloseHandle
IsBadWritePtr
SetLastError
InitializeCriticalSection
GetCommConfig
GetDateFormatA
SetConsoleMode
GetWindowsDirectoryA
SetEndOfFile
ExitProcess
GetSystemTime
VirtualAllocEx
GetTimeZoneInformation
GetProcessHeap
GetTempFileNameA
GetProcessTimes
RemoveDirectoryA
LoadResource
IsProcessorFeaturePresent
GenerateConsoleCtrlEvent
CancelIo
VirtualProtect
GetACP
FindFirstFileExW
SetEvent
WritePrivateProfileStringW
GetUserDefaultLCID
lstrcatW

ole32

CoGetObject
OleFlushClipboard
OleInitialize
OleSave

shell32

SHGetSpecialFolderPathW
SHGetSettings

msvcrt

_wsopen
_strcmpi
_mbctolower
_ltoa
iswprint
strcspn
system
_wfreopen
iswalnum
_chdrive
_mbsinc
_tempnam
iswalpha
freopen
fscanf
setvbuf
_wtoi64

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbe3fe1706ae23d5f551cbf31b3ee886

Headers

File Characteristics

Imports

ws2_32

gdi32

user32

kernel32

ole32

shell32

msvcrt

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 245KB - Virtual size: 245KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 245KB - Virtual size: 245KB

.rsrc
Size: 22KB - Virtual size: 21KB