0dd3cb5a8ea23e597235a14bef103aa4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0dd3cb5a8ea23e597235a14bef103aa4_JaffaCakes118
Size

84KB
MD5

0dd3cb5a8ea23e597235a14bef103aa4
SHA1

49351ef9190be2bc737b6870d82d542676d2cae6
SHA256

038534b10aff37872583beb57e0dbf1ab6cfb90938007a811fe7f8e7b30c5c03
SHA512

0d92201f440e923209e83b2f43b0727c6da397483bfc9104e70c156f50c5b937fd4ff0223fde68ac60bb09b7483eded9fd38dd9646e38624e872a759a78ef940
SSDEEP

1536:sExnwFG0X8Dj5QToTVzjsCOy3/EMMYlE7Kw2:XwcHPa/uEMMYlE7Kw2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd3cb5a8ea23e597235a14bef103aa4_JaffaCakes118

Files

0dd3cb5a8ea23e597235a14bef103aa4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

defe2567d3b2d6579c0eb5adda7a7d62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
Process32Next
CreateToolhelp32Snapshot
SetLocalTime
GetLocalTime
CloseHandle
SetFileTime
CreateFileA
CopyFileA
lstrcatA
GetVolumeInformationA
GetLastError
CreateMutexA
FreeLibrary
GetFileTime
GlobalAlloc
GlobalFree
ReadFile
GetFileSize
SetEndOfFile
WriteFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
GetSystemDirectoryA
Sleep
GetModuleFileNameA
lstrlenA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetCPInfo
SetEnvironmentVariableA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ws2_32

WSAGetLastError
WSACleanup
gethostbyname
inet_addr
shutdown
closesocket
recv
send
htons
socket
setsockopt
connect
WSAStartup

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

defe2567d3b2d6579c0eb5adda7a7d62

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB