f464cd240b828281be0b8c6b91a2f1de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f464cd240b828281be0b8c6b91a2f1de_JaffaCakes118
Size

156KB
MD5

f464cd240b828281be0b8c6b91a2f1de
SHA1

998ef112a1d4b62fec0effc2ae52e0b87e1eeb95
SHA256

bf36d4c3e65263d8789a482a9d356c4410cb88abe617f71a86e73bbbea7daa01
SHA512

16cc78ff527b258e50d2fc591c7817a5a80e64f604325e3801cabefa605c748dfc608034b056e63e1cd9ca119852a6f4331eece84d068bf56947ae9bfddb518c
SSDEEP

3072:QhbkoaVQ0UgXg4tsmZZnfN4noIz4OzuWPRl8/aQrIBs:2kvGIXkmZ5fNdIRqWb8zrIBs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f464cd240b828281be0b8c6b91a2f1de_JaffaCakes118

Files

f464cd240b828281be0b8c6b91a2f1de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d418d5a2be05f30d4b11938c15c1870

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\emukova.pdb

Imports

version

GetFileVersionInfoW

ws2_32

socket
gethostbyname
shutdown
getpeername
setsockopt
getsockname
sendto

uxtheme

OpenThemeData
DrawThemeText
CloseThemeData

crypt32

CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertCreateCertificateContext
CryptDecodeObject
CertFreeCertificateContext
CertCloseStore
CryptHashPublicKeyInfo
CertDeleteCertificateFromStore
CertEnumCertificatesInStore
CryptImportPublicKeyInfo
CryptHashCertificate
CertFreeCertificateChain

rpcrt4

UuidFromStringW
RpcImpersonateClient
RpcRevertToSelf
NdrServerCall2
I_RpcBindingIsClientLocal
RpcMgmtSetServerStackSize
RpcServerListen
RpcServerRegisterIf
I_RpcBindingInqLocalClientPID

kernel32

CreateFileA
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
SetEndOfFile
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FlushFileBuffers
GetModuleHandleA
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
GetVolumeInformationW
InitializeCriticalSection
EnterCriticalSection
GetProfileStringW
CloseHandle
OpenSemaphoreW
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
GetLastError
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
SetFilePointer
ReadFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 811KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2d418d5a2be05f30d4b11938c15c1870

Headers

File Characteristics

PDB Paths

Imports

version

ws2_32

uxtheme

crypt32

rpcrt4

kernel32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 88KB - Virtual size: 811KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 88KB - Virtual size: 811KB