Static task: static1
Behavioral task: behavioral1
Sample: 0ed5a0c0fde19ab73283d9a56c9d9cc5_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0ed5a0c0fde19ab73283d9a56c9d9cc5_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0ed5a0c0fde19ab73283d9a56c9d9cc5_JaffaCakes118
Size: 129KB
MD5: 0ed5a0c0fde19ab73283d9a56c9d9cc5
SHA1: 445a0950d815d173c6c16c80fb20974ca53e0f3a
SHA256: 4227f23f1ca91342c2f82a5a7e6b17c44aaa57a611c17ba427c881ed54f6881c
SHA512: e2350ef0503845cc68b7e7292b169367c4b58a45be212f2ea03b5dd12473635f3cd94fb6cde2ca8eb549c2d4dfef83adad91bf3bb2f61ce7d370e2d8b21da8c5
SSDEEP: 3072:YShQevb7NDuiJZFXViNptH87qG7phUj5CuYHn7Dfoel:YShQ4zQTc7R7UjrYH7pl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0ed5a0c0fde19ab73283d9a56c9d9cc5_JaffaCakes118
Files
0ed5a0c0fde19ab73283d9a56c9d9cc5_JaffaCakes118.exe windows:4 windows x86 arch:x86
fd7d4cbfe875658b6cc79a6af815c32e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
packet
PacketCloseAdapter
PacketGetNetType
PacketRequest
PacketFreePacket
PacketInitPacket
PacketSendPacket
PacketReceivePacket
PacketOpenAdapter
PacketSetHwFilter
PacketAllocatePacket
PacketSetBuff
PacketSetReadTimeout
wsock32
inet_addr
gethostbyname
ioctlsocket
ntohs
WSAStartup
WSACleanup
gethostname
htonl
htons
ntohl
kernel32
InterlockedIncrement
DebugBreak
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateEventA
WaitForSingleObject
SetEvent
GetTickCount
ReadFile
WriteFile
GetStdHandle
CloseHandle
TerminateThread
GetExitCodeThread
Sleep
GetCurrentDirectoryA
ExitProcess
GetLastError
ReleaseMutex
WaitForMultipleObjects
InitializeCriticalSection
CreateMutexA
CreateThread
ResumeThread
SuspendThread
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetCurrentThreadId
TlsSetValue
ExitThread
RtlUnwind
SetConsoleCtrlHandler
GetCurrentProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeEnvironmentStringsW
GetModuleFileNameA
TlsAlloc
SetLastError
TlsGetValue
DeleteCriticalSection
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleA
HeapAlloc
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WideCharToMultiByte
FreeEnvironmentStringsA
SetStdHandle
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
MultiByteToWideChar
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetOEMCP
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
LCMapStringA
LCMapStringW
SetEndOfFile
advapi32
ControlService
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
DeleteService
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
CreateServiceA
Sections
.text Size: 108KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE