08b54f9b2b3fb19e388d390d278f3e44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08b54f9b2b3fb19e388d390d278f3e44_JaffaCakes118
Size

64KB
MD5

08b54f9b2b3fb19e388d390d278f3e44
SHA1

aaa5c64200ff0818c56ebe4c88bcc1143216c536
SHA256

a4159e5aa5b36d80d0fc662412e33da601bdfd24b3b9b75756283b8a76684018
SHA512

6957a69b40662a086c2a1db82dd07523fdea264c86aa4f3603c13364458ac4b3f8f7d6febabdb9357343594e0941e35181c87cc2c4cae96c123ec5274a96ef9f
SSDEEP

768:B9HKllMoq0dJrtr9EwcUCQA1/rct5v6Y7fsre1m4Sv2mrJF5lh5MjljHpTtzNE:/sVPrthVOJrcyWuehLu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b54f9b2b3fb19e388d390d278f3e44_JaffaCakes118

Files

08b54f9b2b3fb19e388d390d278f3e44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c4128b8d741d4adabbb26e1f7e761e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
gethostbyname
gethostname
WSAStartup

advapi32

RegDeleteValueA
GetUserNameA
LookupAccountSidA
OpenProcessToken
GetTokenInformation
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
SetSecurityInfo
SetEntriesInAclA
AdjustTokenPrivileges
LookupPrivilegeValueA

mpr

WNetCloseEnum

shell32

SHGetMalloc
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance

shlwapi

PathFileExistsA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_acmdln
exit
_XcptFilter
_exit
calloc
memset
_strnicmp
_ftol
malloc
free
strstr
strchr
fwrite
fopen
fread
fclose
toupper
rename
strrchr
sprintf
__CxxFrameHandler
memcpy
__getmainargs

kernel32

GetFileTime
GetModuleHandleA
GetStartupInfoA
SetFileTime
GetComputerNameA
GetVersionExA
GetSystemDefaultLangID
GlobalAlloc
GlobalFree
CreateToolhelp32Snapshot
Process32First
GetPriorityClass
Process32Next
GetCurrentProcess
DuplicateHandle
GetLastError
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileA
GetFileSize
GetSystemTime
SystemTimeToFileTime
CompareFileTime
MultiByteToWideChar
SetCurrentDirectoryA
CreateProcessA
FileTimeToSystemTime
GetTickCount
FindFirstFileA
CreateDirectoryA
FindNextFileA
FindClose
GetFileAttributesA
CopyFileA
GetLogicalDriveStringsA
GetDriveTypeA
GetDiskFreeSpaceExA
OpenMutexA
LocalFree
CloseHandle
SetEvent
WaitForSingleObject
Sleep
SetFileAttributesA
lstrcmpiA
ExitProcess
GetModuleFileNameA
SetErrorMode
LoadLibraryA
GetProcAddress
CreateThread
CreateEventA
DeleteFileA
GetSystemDirectoryA
GetWindowsDirectoryA
FreeLibrary

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c4128b8d741d4adabbb26e1f7e761e9

Headers

File Characteristics

Imports

ws2_32

advapi32

mpr

shell32

ole32

shlwapi

msvcrt

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 417KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 417KB

.rsrc
Size: 4KB - Virtual size: 1KB