0e0f5e7a097ab4698ecab478d7ec591f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e0f5e7a097ab4698ecab478d7ec591f_JaffaCakes118
Size

1.4MB
MD5

0e0f5e7a097ab4698ecab478d7ec591f
SHA1

5135a50c4d42ec883c57ab63f77fb1ba41f8d6fc
SHA256

0579b5f49a326b9d47ab52e46317ca9aa11b3cecbcb4d5ca5b6c340a9d2c0966
SHA512

8ee7814fe2ce2b4c583b4986db19a9f69120ea8ea8e231ea414077f29263a02f8d325953e488b3da0ceb6b26aa0db8ebd3292a1db0771de4f3ef99c22b0a1dfe
SSDEEP

24576:pQXDOfxTHKYRHFYqPd7KYt6YNyuxbp7BDdXf5UFnunLRPnynadJUVjknOBNydyHH:6zOZD7vYCdTxNy8VX5UFueQn8eA9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e0f5e7a097ab4698ecab478d7ec591f_JaffaCakes118

Files

0e0f5e7a097ab4698ecab478d7ec591f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f61769cef62ec24a05a0f92d3caf538a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

socket
recv
select
__WSAFDIsSet
bind
listen
accept
WSAStartup
send
WSACleanup
gethostbyname
inet_addr
htons
connect
closesocket
ioctlsocket

gdi32

GetDeviceCap
DPtoLP

kernel32

GetLocaleInfoA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetWindowsDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
Sleep
GetTempPathA
CreateProcessA
GetLastError
WaitForSingleObject
ReleaseMutex
GetLocalTime
FreeLibrary
GetProcAddress
LoadLibraryA
SetEvent
SetFileAttributesA
CloseHandle
CreateEventA
MulDiv
GetModuleHandleA
ContinueDebugEvent
SetThreadContext
GetThreadContext
TerminateProcess
WaitForDebugEvent
GetStartupInfoA
CompareStringA
WriteFile
ReadFile
CreateFileA
CopyFileA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
ResetEvent
Module32First
MoveFileA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExA
CreateThread
GetModuleFileNameA
TerminateThread
GetCommandLineA
CreateMutexA
GetEnvironmentVariableA
SetFilePointer
GetExitCodeProcess
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetFullPathNameA
SetStdHandle
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetCurrentThreadId
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
GetTickCount
CreateDirectoryA
GetStringTypeA
FlushFileBuffers
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetSystemTimeAsFileTime
HeapAlloc
GetModuleHandleW
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
WideCharToMultiByte
GetTimeZoneInformation
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetStdHandle
GetFileAttributesA
SetHandleCount
GetFileType
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue

user32

MessageBoxA
ShowWindow
GetTitleBarInfo
GetDesktopWindow
GetWindowRect
MoveWindow
SetWindowTextA
BeginPaint
EndPaint
InvalidateRect
SetFocus
GetWindowDC
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostQuitMessage
CreateIconFromResourceEx
UpdateWindow

advapi32

RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

ole32

CreateStreamOnHGlobal

shell32

Shell_NotifyIconA

oleaut32

OleLoadPicture

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f61769cef62ec24a05a0f92d3caf538a

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

gdi32

kernel32

user32

advapi32

ole32

shell32

oleaut32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 97KB - Virtual size: 164KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 97KB - Virtual size: 164KB