07e9fee5c491723663f9f838b6d2c865_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07e9fee5c491723663f9f838b6d2c865_JaffaCakes118
Size

992KB
MD5

07e9fee5c491723663f9f838b6d2c865
SHA1

b6a2349db7871cfab6c247e69a74eb65f4d09b88
SHA256

b2dbc7c520c32701a1825f8a1531406d393cf38c3496b1e1c6d34e4146b29c49
SHA512

5a7e806f372d9110f3a9fddd889344d2c955872d887f2708b7e98e10a0cce9c70c0ef83351152b48b804c058e8c804cfc3c0cc0538fb831d296aca1235be405e
SSDEEP

6144:jQknY4ddDKP7UGSTUEXkXFs9pk1f/p9iwlG6U2K9:jQkn9dd8SXeFCpc3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e9fee5c491723663f9f838b6d2c865_JaffaCakes118

Files

07e9fee5c491723663f9f838b6d2c865_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82a89038cec53773f4d5b7a3ab77065a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
GetModuleHandleA
GetSystemDirectoryA
GetWindowsDirectoryA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
CreateProcessA
MoveFileA
GetTempPathA
CopyFileA
ExitProcess
ReadFile
SetFilePointer
GetFileSize
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
GetEnvironmentVariableW
GetProcAddress
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
VirtualQueryEx
ReadProcessMemory
GetSystemInfo
OpenProcess
GetTimeFormatA
GetDateFormatA
CreateThread
FormatMessageA
LoadLibraryExA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
SetFileAttributesA
MultiByteToWideChar
GetComputerNameA
CreateDirectoryA
TerminateProcess
lstrcmpiA
GetCurrentProcess
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
CreatePipe
SetConsoleCtrlHandler
GetLocaleInfoA
GetVersionExA
GetCurrentProcessId
WaitForSingleObject
CreateMutexA
WideCharToMultiByte
GetLogicalDrives
WaitForMultipleObjects
TerminateThread
GenerateConsoleCtrlEvent
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatus
TransactNamedPipe
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetLastError
GetFileAttributesA
Sleep
GetStringTypeW
GetStringTypeA
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA

user32

SendMessageA
GetClassNameA
EnumChildWindows
EnumWindows

advapi32

RegSetValueExA
RegOpenKeyA

ws2_32

WSAStartup
socket
setsockopt
ioctlsocket
htons
bind
WSACleanup
send
select
__WSAFDIsSet
accept
recv
closesocket
connect
inet_addr
gethostbyname
shutdown
listen

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 708KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PACKMAN
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

82a89038cec53773f4d5b7a3ab77065a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 708KB - Virtual size: 708KB

.PACKMAN Size: 136KB - Virtual size: 136KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 708KB - Virtual size: 708KB

.PACKMAN
Size: 136KB - Virtual size: 136KB