Static task: static1
Behavioral task: behavioral1
Sample: 3f049f8b0cfae3dcf7f7e80be29b3b96_JaffaCakes118.exe
Resource: win7-20240508-en
General
Target: 3f049f8b0cfae3dcf7f7e80be29b3b96_JaffaCakes118
Size: 422KB
MD5: 3f049f8b0cfae3dcf7f7e80be29b3b96
SHA1: 8593456d01d9e80ea0562bb332b244604dd1f399
SHA256: e89c971eb98fef3bc656af3b1e5f14561b296c7b4b9829f36f0ce177c6345956
SHA512: 8a627b37f66c40df01f041c1ee7d3da535e4419fb2411d2e50ec05db9cc8c85c8e4b900d183f0746ae718663c1737f656839427fb727a319cfb6d6e542fa1af9
SSDEEP: 6144:SpsK81JBNjVMRbwUXb8tFSfIrnCNSRuEkglTgiWlODu56qZiAm1:SM1d5MdwWQfSFSbZlMOk6BAm1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 3f049f8b0cfae3dcf7f7e80be29b3b96_JaffaCakes118
Files
3f049f8b0cfae3dcf7f7e80be29b3b96_JaffaCakes118.exe windows:6 windows x86 arch:x86
59f8ec7f15f1559aea2e5a2c416924de
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
FreeEnvironmentStringsW
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleMode
SetFilePointerEx
CreateFileW
FlushFileBuffers
ReadFile
ReadConsoleW
SetEndOfFile
DecodePointer
SetUnhandledExceptionFilter
GlobalUnlock
CreateProcessW
VirtualProtectEx
GlobalFree
GlobalAlloc
Sleep
SetFileAttributesW
GetLocaleInfoW
GetTempPathW
InitializeCriticalSection
CreatePipe
GetModuleFileNameW
GetEnvironmentStringsW
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
EncodePointer
RaiseException
RtlUnwind
GetLastError
FreeLibrary
LoadLibraryExW
GetModuleFileNameA
GetModuleHandleExW
HeapAlloc
HeapValidate
GetSystemInfo
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetACP
GetFileType
GetStringTypeW
CloseHandle
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
WaitForSingleObjectEx
CreateThread
LCMapStringW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetProcessHeap
FindClose
FindFirstFileExW
FindNextFileW
EnterCriticalSection
ole32
CoInitialize
CoRegisterClassObject
ws2_32
WSACleanup
select
ntohl
listen
WSACreateEvent
WSASocketW
WSAStartup
inet_addr
WSAConnect
send
socket
WSAWaitForMultipleEvents
recv
WSAGetOverlappedResult
ioctlsocket
advapi32
SystemFunction036
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegCloseKey
RegEnumKeyW
QueryServiceStatus
SetSecurityDescriptorOwner
OpenSCManagerW
AllocateAndInitializeSid
SetServiceStatus
RegCreateKeyExW
RegisterServiceCtrlHandlerW
RegSetValueExW
OpenProcessToken
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExW
StartServiceCtrlDispatcherW
OpenServiceW
OpenThreadToken
RegOpenKeyW
RegQueryValueExW
SetSecurityDescriptorGroup
Sections
.text Size: 391KB - Virtual size: 390KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 316B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ