Static task
static1
Behavioral task
behavioral1
Sample
0bd864db65ff719be0e6416f051c705e_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0bd864db65ff719be0e6416f051c705e_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target: 0bd864db65ff719be0e6416f051c705e_JaffaCakes118
Size: 300KB
MD5: 0bd864db65ff719be0e6416f051c705e
SHA1: 26cd11030ef8505b8175e101b3a548a1cbc3b04c
SHA256: 4a6d6a42d619a71e0c7af815feacb023232512f655fe946d25d5369a78c7dcb6
SHA512: 32f837b08e5306b2f531e4bc336072370f87294cc1dedc73dc9e8d9436aab3ad17f061dc81d5e3b9c8094032412b241196c1cf59982331644ecc92c61eaac344
SSDEEP: 3072:0K/6R8VYTXPc9OASWh9iotuj9OC6wFMC5fivg5eeOWd4mFSr8OChNBGz2t5:iXSww949X6QMmfivg5JO84mwFza
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0bd864db65ff719be0e6416f051c705e_JaffaCakes118
Files
0bd864db65ff719be0e6416f051c705e_JaffaCakes118.exe windows:4 windows x86 arch:x86
33e9cc1a504cb5efbc12e9439044c477
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
GetACP
MultiByteToWideChar
lstrlenW
GetLastError
EnterCriticalSection
LockResource
DeleteCriticalSection
CloseHandle
LocalFree
GetFileSize
SetErrorMode
CreateProcessW
GetVolumeInformationA
CreateProcessA
ReadFile
GetSystemDirectoryA
LeaveCriticalSection
GetModuleFileNameA
Process32NextW
CreateToolhelp32Snapshot
GetFileTime
GetVersionExA
GetWindowsDirectoryW
GetTempPathA
SetEvent
TerminateThread
GetExitCodeThread
CreateEventW
CreateThread
GetModuleFileNameW
WaitForMultipleObjects
SetFilePointer
FlushFileBuffers
GetConsoleMode
FormatMessageW
SizeofResource
Sleep
WideCharToMultiByte
InitializeCriticalSection
WriteFile
GetProcessHeap
GetTickCount
WaitForSingleObject
HeapFree
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
lstrlenA
Process32FirstW
HeapReAlloc
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleCP
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetExitCodeProcess
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
RaiseException
HeapDestroy
HeapSize
InterlockedIncrement
InterlockedDecrement
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GetLocalTime
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
GetStdHandle
GetFileAttributesW
SetHandleCount
GetFileType
user32
GetKeyboardState
GetActiveWindow
UnregisterClassA
advapi32
QueryServiceStatusEx
StartServiceW
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
CreateServiceW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
StartServiceCtrlDispatcherW
ole32
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID
ws2_32
WSACloseEvent
WSASetEvent
WSAStartup
getaddrinfo
WSARecv
WSASocketW
WSASend
WSAGetLastError
WSAEnumNetworkEvents
WSAEventSelect
WSACleanup
WSAGetOverlappedResult
freeaddrinfo
WSACreateEvent
WSASetLastError
closesocket
WSAResetEvent
WSAConnect
Sections
.text Size: 248KB - Virtual size: 246KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ