Static task: static1
Behavioral task: behavioral1
  Sample: 166a03d40f14c2f36f3602f5b3da5074_JaffaCakes118.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 166a03d40f14c2f36f3602f5b3da5074_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 166a03d40f14c2f36f3602f5b3da5074_JaffaCakes118
Size: 116KB
MD5: 166a03d40f14c2f36f3602f5b3da5074
SHA1: 8a630866c9186138993251f46a6ba1a3ccf554dc
SHA256: c9ca21fb99617850371267c32c01e2241fd5ae0860279d7ea37756283c1ff081
SHA512: 08e0d278b200e1211f83c371c731934200818999e9620496f3690beecddb932d0661a58b93fb5382c4f45fa3e8d4bfba2ccaf83793f9a1fce9aeeda3831d5a4b
SSDEEP: 1536:SJZFAJnpNuKYvZvujR/5/0KtNfiL+srsrW8r+8JiURntIAleWR:GFAdpNuKIZ2jR/eKe9U9r+8RntI5Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 166a03d40f14c2f36f3602f5b3da5074_JaffaCakes118
Files
166a03d40f14c2f36f3602f5b3da5074_JaffaCakes118.exe windows:4 windows x86 arch:x86
83356cd74ea0a4248b61d9a8430b8ee0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
CreateFileA
Process32First
CreateToolhelp32Snapshot
GetStdHandle
FreeConsole
GetFileSize
WriteFile
PeekNamedPipe
ReadFile
ExitThread
GetCurrentProcess
DuplicateHandle
CreatePipe
WaitForMultipleObjects
TerminateProcess
DisconnectNamedPipe
CloseHandle
CreateEventA
CreateThread
TerminateThread
Sleep
CreateProcessA
WaitForSingleObject
SetEvent
GetModuleFileNameA
Process32Next
GetLastError
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LoadLibraryA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetEndOfFile
SetFilePointer
SetStdHandle
CreateDirectoryA
ExitProcess
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileType
GetCommandLineA
GetVersion
RtlUnwind
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetStartupInfoA
WideCharToMultiByte
FlushFileBuffers
advapi32
GetTokenInformation
LookupAccountSidA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenServiceA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
StartServiceA
RegDeleteValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
OpenProcessToken
ws2_32
recv
__WSAFDIsSet
select
send
listen
getsockname
recvfrom
accept
WSASetLastError
socket
setsockopt
bind
htons
getservbyport
ntohs
getservbyname
inet_addr
gethostbyname
inet_ntoa
gethostbyaddr
WSAGetLastError
WSAStartup
WSACleanup
closesocket
connect
Sections
.text Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE