19dc3a2dc9425a7e08f00277e76c5956_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19dc3a2dc9425a7e08f00277e76c5956_JaffaCakes118
Size

104KB
MD5

19dc3a2dc9425a7e08f00277e76c5956
SHA1

9244824589c162eb6a7457dbf8fef86605d1f758
SHA256

38338482f1e7d331a2e20f35cd49f5e6d0ba9531b4e912447092dbcd7f7c2925
SHA512

19f4e7cf094b5f4a9da110fcf573f20fed890bfc58f3cefcafc2d4d656c31994bedebfca9d348c73a9f0f0516a056d92df7a73f92a7b91972e521e2f0f25b74b
SSDEEP

1536:Cq4p66rG5/i3DMoTQBh4zqNXV8UR6YsMMvJ:Cq16rF3DCBh4zqZVxRzC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19dc3a2dc9425a7e08f00277e76c5956_JaffaCakes118

Files

19dc3a2dc9425a7e08f00277e76c5956_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36204538e25a3eaf5daed570367cc687

Headers

Imports

wsock32

send
WSAStartup
socket
ioctlsocket
gethostbyname
htons
connect
closesocket
recv
gethostname

kernel32

GetVolumeInformationA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
GetStartupInfoA
GetDriveTypeA
CreateProcessA
CloseHandle
OpenProcess
TerminateProcess
CreateThread
LeaveCriticalSection
EnterCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
CreateFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTimeZoneInformation
GetLocalTime
Sleep
GlobalFree
GlobalAlloc
ExitProcess
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcessId
SetFileTime
GetModuleFileNameA
GetComputerNameA
InitializeCriticalSection
GetCommandLineA
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetVolumeInformationA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
GetStartupInfoA
GetDriveTypeA
CreateProcessA
CloseHandle
OpenProcess
TerminateProcess
CreateThread
LeaveCriticalSection
EnterCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
CreateFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTimeZoneInformation
GetLocalTime
Sleep
GlobalFree
GlobalAlloc
ExitProcess
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcessId
SetFileTime
GetModuleFileNameA
GetComputerNameA
InitializeCriticalSection
GetCommandLineA
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
Process32Next

user32

ToAscii
GetWindowTextA
GetActiveWindow
CallNextHookEx
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
SetKeyboardState
PeekMessageA
SetWindowsHookExA
SetTimer
GetKeyNameTextA
GetKeyboardState
wsprintfA
CharLowerBuffA

advapi32

RegDeleteValueA
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegEnumKeyExA
RegCloseKey

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetQueryDataAvailable
HttpQueryInfoA
InternetReadFile

msvcrt

__p__fmode
_adjust_fdiv
__p__commode
strstr
__set_app_type
_except_handler3
__setusermatherr
_controlfp
memmove
exit
fseek
ftell
??2@YAPAXI@Z
strchr
??3@YAXPAX@Z
fwrite
atoi
strncmp
strncpy
_initterm
__getmainargs
__p__acmdln
_XcptFilter
_exit
tmpfile
_rmtmp
sprintf
fprintf
fread
strrchr
fclose
fopen

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36204538e25a3eaf5daed570367cc687

Headers

Imports

wsock32

kernel32

user32

advapi32

mpr

wininet

msvcrt

Sections

.text Size: 100KB - Virtual size: 100KB

.text
Size: 100KB - Virtual size: 100KB