f10891cd2fd6d5661c31ce8ca41a0543_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f10891cd2fd6d5661c31ce8ca41a0543_JaffaCakes118
Size

180KB
MD5

f10891cd2fd6d5661c31ce8ca41a0543
SHA1

979f793f7d175748cb1feeef3c7a6991204dee7b
SHA256

bdc30fa6014eb527c0d6a8fe494028d57e2150007f2f5835038874af8d04937d
SHA512

245a898c9ca26a1b5c64640c80f9e2eb1af8a388b822f70186a66dc7d42f17b54bcf52a2f925d7d79457daf7f44b35e7a86d08cc9a65c7771d2fa21ed7c5e28f
SSDEEP

1536:YOclyyuOAEE6Ib//u/Odv82NneTjVpm26qSG+a0/GwHO9x9R1u59eFGrYpLDKci:YOcly6cZevroQ7jqW9oe+YJDKci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f10891cd2fd6d5661c31ce8ca41a0543_JaffaCakes118

Files

f10891cd2fd6d5661c31ce8ca41a0543_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eab26d61b54435c4a7e42782a246fe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
select
WSAStartup
accept
bind
listen
recv
recvfrom
ntohs
ntohl
sendto
closesocket
socket
htons
htonl
connect
WSAGetLastError
send
ioctlsocket

wininet

InternetGetConnectedState

rpcrt4

UuidCreate

kernel32

GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
GetModuleHandleA
GetSystemDirectoryA
LoadLibraryA
GetTickCount
InitializeCriticalSection
IsBadReadPtr
LeaveCriticalSection
ExitProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
CloseHandle
DeleteFileA
MoveFileA
GetFileSize
Sleep
VirtualAlloc
VirtualFree
CreateProcessA
GetCurrentProcessId
GetVersion
WriteProfileStringA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetCommandLineA
GetLastError
CreateMutexA
FlushFileBuffers
IsBadCodePtr
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
EnterCriticalSection
CreateThread
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
RaiseException
HeapFree
GetStartupInfoA
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetModuleFileNameA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapSize
LCMapStringA

advapi32

RegEnumValueA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PEPACK!!
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2eab26d61b54435c4a7e42782a246fe7

Headers

File Characteristics

Imports

ws2_32

wininet

rpcrt4

kernel32

advapi32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 36KB - Virtual size: 36KB

PEPACK!! Size: 12KB - Virtual size: 12KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 36KB - Virtual size: 36KB

PEPACK!!
Size: 12KB - Virtual size: 12KB