f8597a077f31494953ec4734f6bbc1be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8597a077f31494953ec4734f6bbc1be_JaffaCakes118
Size

104KB
MD5

f8597a077f31494953ec4734f6bbc1be
SHA1

0a8ff65a64437e11454fffe28d376f2881972a6d
SHA256

a004dd34652e77bcb02968b4b7d970b7eac9fe75ded8713a4c2c180b542e532c
SHA512

d06516d30e428952545d3c18bfe30acf44bf30b495b116207167476f7686939fcba0f62adc02d6e2773739e89f0efddeac4a7a43bf96c26d3e8328cb426178f8
SSDEEP

1536:mxB4F727sbf3cqpgBX4wYeinoQRU96B8TnTB4F727sbfG:C4t27sbftpgGwRiLRK28B4t27sbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8597a077f31494953ec4734f6bbc1be_JaffaCakes118

Files

f8597a077f31494953ec4734f6bbc1be_JaffaCakes118
.exe windows:1 windows x86 arch:x86

380323d48c3ae5d1f17a433ed628efa7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
SelectObject

winmm

ord2
mciSendCommandA

advapi32

AdjustTokenPrivileges
CloseServiceHandle
ControlService
DeleteService
GetUserNameA
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
SetServiceStatus
StartServiceCtrlDispatcherA

user32

CharUpperBuffA
EnumChildWindows
EnumWindows
ExitWindowsEx
GetClassNameA
GetDesktopWindow
GetForegroundWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
GetWindow
IsIconic
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
MessageBoxA
ReleaseDC
SendMessageA
SetWindowTextA

kernel32

CloseHandle
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateProcessA
CreateThread
DefineDosDeviceA
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetTimeZoneInformation
GetVersionExA
GetVersion
GetWindowsDirectoryA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFileTimeToFileTime
LocalFree
MoveFileA
MultiByteToWideChar
OpenEventA
OpenProcess
QueryDosDeviceA
ReadConsoleInputA
ReadFile
RemoveDirectoryA
RtlUnwind
SetComputerNameA
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetLocalTime
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteFile
lstrcmpiA

netapi32

Netbios

wsock32

getsockopt
htonl
ntohl
setsockopt
bind
socket
ntohs
getsockname
htons
send
recv
connect
accept
listen
closesocket
WSACleanup
WSAStartup

Sections

AUTO
Size: 61KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 10KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

380323d48c3ae5d1f17a433ed628efa7

Headers

File Characteristics

Imports

gdi32

winmm

advapi32

user32

kernel32

netapi32

wsock32

Sections

AUTO Size: 61KB - Virtual size:

.idata Size: 5KB - Virtual size:

DGROUP Size: 10KB - Virtual size:

.bss Size: 4KB - Virtual size:

.reloc Size: 4KB - Virtual size:

AUTO
Size: 61KB - Virtual size:

.idata
Size: 5KB - Virtual size:

DGROUP
Size: 10KB - Virtual size:

.bss
Size: 4KB - Virtual size:

.reloc
Size: 4KB - Virtual size: