179544d72b98675cc067ee8fbc6b208e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

179544d72b98675cc067ee8fbc6b208e_JaffaCakes118
Size

34KB
MD5

179544d72b98675cc067ee8fbc6b208e
SHA1

c0a74cfcfb7f31edc1cce0e53da0fb8408c5c574
SHA256

0f08e47e7c0e6956ebc09787d70ac731db10bf5d29de68525139cd59a22f75c9
SHA512

39859de45b82986a7aac53b0014650304c75357526bb7c1e7f620ac348e27c4241fe698468dd4eb1793f2bd3a02943ab16ce7f1af2b12c1a024da51573eea383
SSDEEP

768:nmfR/UF+ZLqRXxnXeklArwni9Nem3ovrQd0TmcQdLi0ia/Q:MW+ZeRXxXdAre2em3+rtSjia/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179544d72b98675cc067ee8fbc6b208e_JaffaCakes118

Files

179544d72b98675cc067ee8fbc6b208e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ced4353ea1d8afc0da7fd03bc52765f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LoadLibraryA
GetCurrentProcess
lstrcpynA
CreateToolhelp32Snapshot
GetCurrentProcessId
Module32FirstW
lstrcmpiW
Module32NextW
LocalAlloc
LocalFree
LoadLibraryW
WriteFile
GetTickCount
lstrlenW
MultiByteToWideChar
MoveFileW
DeleteFileW
GetProcAddress
MoveFileExW
FindFirstFileW
FindNextFileW
FindClose
GetUserGeoID
GetEnvironmentVariableA
GetVolumeInformationA
VirtualProtect
lstrcmpW
IsBadReadPtr
ReadFile
SetFilePointer
Process32FirstW
Process32NextW
GetVersionExA
GetModuleFileNameW
lstrcpynW
SetFileAttributesW
OpenProcess
DuplicateHandle
GetModuleHandleW
GetLastError
GetFileSize
OpenThread
Thread32First
Thread32Next
Process32First
lstrcmpiA
Process32Next
CreateFileMappingA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
RtlUnwind
IsProcessorFeaturePresent
SetEvent
ExitProcess
TerminateProcess
GetSystemDirectoryW
VirtualFree
CreateFileW
CreateDirectoryW
lstrcatW
lstrcpyW
GetLongPathNameW
GetTempPathW
ExpandEnvironmentStringsW
GetModuleHandleA
Sleep
WaitForSingleObject
CloseHandle
lstrlenA
lstrcpyA
VirtualAlloc
CreateEventA
IsBadWritePtr
CreateThread
IsDebuggerPresent

user32

SendMessageA
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
MessageBoxA
wsprintfA
DefWindowProcA
PostMessageA
PtInRect
BeginPaint
GetClientRect
InflateRect
FillRect
FrameRect
EndPaint
ScreenToClient
wsprintfW
PostQuitMessage

gdi32

CreateSolidBrush
DeleteObject
LineTo
MoveToEx
CreatePen
SelectObject
GetStockObject

advapi32

RegCloseKey
CloseServiceHandle
QueryServiceStatusEx
StartServiceW
OpenServiceW
OpenSCManagerW
RegQueryValueExA
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA

ole32

CoCreateGuid
StringFromGUID2

ws2_32

send
recv
connect
closesocket
inet_addr
htons
socket
WSACleanup
gethostbyname
WSAStartup

psapi

GetModuleBaseNameW
GetModuleFileNameExW

iphlpapi

GetTcpStatistics

Exports

Exports

Init

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced4353ea1d8afc0da7fd03bc52765f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ws2_32

psapi

iphlpapi

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 2KB