Static task: static1
Behavioral task: behavioral1
Sample: 0afc8f50a1db006e118e3cf8a6021108_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 0afc8f50a1db006e118e3cf8a6021108_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0afc8f50a1db006e118e3cf8a6021108_JaffaCakes118
Size: 172KB
MD5: 0afc8f50a1db006e118e3cf8a6021108
SHA1: 9206564da3d0fa892cbf06f72fed3e8590707b6b
SHA256: d6bd17b3bb48570544c413542352ececb8e55674d1d37346fdd288dee3fa4b80
SHA512: 524d565f41879a9f4665ce0fd54192fa8a1a2e5de884d98f40c8cc9d4d65f1cfbd16405ac9cca62cf01b14eb1df95b94f5fce884c06f5dae5c2adc8396ec44ee
SSDEEP: 3072:JgzhvizNnebrH1ivN+s/BWYlhN2GL/oYQ8zmKJ/XGAQYQWulL2nl/SHeWo6:OIQ7usYlak/oYQ8zmKJOApLulCn9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0afc8f50a1db006e118e3cf8a6021108_JaffaCakes118
Files
0afc8f50a1db006e118e3cf8a6021108_JaffaCakes118.exe windows:4 windows x86 arch:x86
e9f965480a962a373942a6c7140a31eb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetComputerNameA
VirtualProtect
FindNextFileA
WaitForSingleObject
FindFirstFileA
GetFileSize
CreateFileA
SetFilePointer
SetEvent
SetFileTime
GetSystemDirectoryA
SetLastError
GetModuleFileNameA
GetVersionExA
GetVersion
GetSystemTimeAsFileTime
GetModuleHandleA
CopyFileA
ExpandEnvironmentStringsA
DeleteFileA
CreatePipe
CreateProcessA
ReadFile
PeekNamedPipe
WriteFile
CreateThread
WaitForMultipleObjects
CloseHandle
TerminateThread
GetExitCodeProcess
TerminateProcess
GetLocalTime
Sleep
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
EnterCriticalSection
GetFileTime
LeaveCriticalSection
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetProcAddress
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
ExitProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
advapi32
CreateServiceA
ChangeServiceConfig2A
ChangeServiceConfigA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService
QueryServiceConfigA
ws2_32
WSACleanup
WSAStartup
inet_addr
shutdown
socket
closesocket
htons
send
recv
WSAGetLastError
select
setsockopt
ioctlsocket
gethostbyname
ntohs
connect
Sections
.text Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE