188f8417192c1d8a1498611e84daf0fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

188f8417192c1d8a1498611e84daf0fe_JaffaCakes118
Size

404KB
MD5

188f8417192c1d8a1498611e84daf0fe
SHA1

923371a7d7ea9a0c5cce99e6d7b2ce02f7e08a2a
SHA256

2d148d6d85836a3058deab12c9f147fae04f71bffa40cfc8639482c2f9e7561c
SHA512

9d110e14c5f6c7082833068b4709bea6371f811b48efc3c4246c59e3563c3df06516121a8f44c093d2be94e9b1e097d7180172f9a61a1ebb40a5c6b306f176a8
SSDEEP

12288:EXrhWVV5Js782QimkfBrahoh1AKIpeBESS8:MrhWeQimkfBrahohdIgB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
188f8417192c1d8a1498611e84daf0fe_JaffaCakes118

Files

188f8417192c1d8a1498611e84daf0fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c530dd239a279e9714f83536520349b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

bind
htons
socket
ntohs
sendto
WSAStartup
gethostname
inet_ntoa
ioctlsocket
select
__WSAFDIsSet
gethostbyname
inet_addr
htonl
connect
ntohl
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
recv
accept
listen
WSACreateEvent
WSAEventSelect
send
WSACloseEvent
closesocket
recvfrom
WSAGetLastError
setsockopt

advapi32

ControlService
OpenServiceA
StartServiceA
QueryServiceStatus
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
DeleteService

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysFreeString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetLocaleInfoA
IsValidCodePage
IsValidLocale
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
EnumSystemLocalesA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
GetLocaleInfoW
SetEnvironmentVariableA
GetEnvironmentVariableA
GetModuleFileNameA
SetHandleCount
SetEndOfFile
SetStdHandle
UnhandledExceptionFilter
SetLastError
TlsAlloc
GetCurrentThreadId
HeapSize
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
CreateEventA
WaitForSingleObject
SetEvent
GetTickCount
Sleep
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
MultiByteToWideChar
GetLastError
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetSystemDirectoryA
GetTempPathA
GetPrivateProfileStringA
InterlockedDecrement
QueryPerformanceCounter
GetSystemTime
InterlockedIncrement
CopyFileA
LocalFree
LocalAlloc
GetVersionExA
GetLocalTime
WideCharToMultiByte
FindClose
FindNextFileA
FindFirstFileA
MoveFileA
CreateProcessA
InterlockedExchange
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
RtlUnwind
GetTimeZoneInformation
GetFileType
CreateFileA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetFilePointer
ReadFile
GetSystemTimeAsFileTime
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
HeapReAlloc

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c530dd239a279e9714f83536520349b

Headers

File Characteristics

Imports

ws2_32

advapi32

ole32

oleaut32

version

kernel32

Sections

.text Size: 320KB - Virtual size: 319KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 24KB - Virtual size: 49KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 320KB - Virtual size: 319KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 24KB - Virtual size: 49KB

.rsrc
Size: 28KB - Virtual size: 26KB