1a3282a252e619f2a4615732701c68b8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1a3282a252e619f2a4615732701c68b8_JaffaCakes118
Size

856KB
MD5

1a3282a252e619f2a4615732701c68b8
SHA1

9bea30171673a164a1e13ccca9dc18fa05e15830
SHA256

9f604ce376b38842c91c8ed05da952417780e8b65208d50ec770d27955803bcf
SHA512

98796b2d43bb00423a1dde24d7da5f3b851674407aa1549c9adbe540283327dff587134d1b3d6bd26b39a165378602aa3d108678e9e53ae42294de9402c70da3
SSDEEP

12288:6yIKPXD1okxUuSlUo58W2aKPRa3IkzNsf/tsJurq3JdEq/NTtp0ljSWf:bVPXDmuSKXaJoWurjqVTtpyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a3282a252e619f2a4615732701c68b8_JaffaCakes118

Files

1a3282a252e619f2a4615732701c68b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fda17edec971b5e7c56fb5d20abb4c2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

recv
send
connect
WSAGetLastError
getservbyname
shutdown
WSASetLastError
ntohs
WSAStartup
WSACleanup
socket
setsockopt
closesocket
ioctlsocket
gethostbyname
htons

advapi32

ReportEventA
RegFlushKey
RegCreateKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
StartServiceA
CopySid
GetLengthSid
IsValidSid
LookupAccountNameA
GetUserNameA
SetServiceStatus
DeregisterEventSource
RegisterEventSourceA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
OpenServiceA
RegDeleteValueA

kernel32

VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
GetCurrentDirectoryA
GetVersionExA
OutputDebugStringA
Sleep
FindFirstFileA
FindClose
GetSystemDirectoryA
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
HeapFree
FileTimeToLocalFileTime
GetLastError
LocalFree
FormatMessageA
GlobalFree
GlobalAlloc
GetModuleFileNameA
GetModuleHandleA
SetConsoleCtrlHandler
MultiByteToWideChar
FindNextFileA
GetTempFileNameA
GetTempPathA
SetFileTime
CreateFileA
SetFileAttributesA
ReadFile
SetFilePointer
GetFileSize
CopyFileA
MoveFileA
RemoveDirectoryA
GetFileAttributesA
DeleteFileA
CreateDirectoryA
WriteFile
FlushFileBuffers
SetEndOfFile
WideCharToMultiByte
GetExitCodeThread
CreateThread
GetLocalTime
GetTimeZoneInformation
GetVolumeInformationA
ReleaseMutex
WaitForSingleObject
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatus
FlushConsoleInputBuffer
GetStdHandle
SetLastError
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetStdHandle
VirtualQuery
InterlockedExchange
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetDriveTypeA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetFullPathNameA
HeapAlloc
QueryPerformanceFrequency
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
IsBadReadPtr
HeapReAlloc
GetStartupInfoA
GetCommandLineA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapSize
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr

user32

CreateWindowExA
DefWindowProcA
TranslateMessage
PeekMessageA
RegisterClassA
DispatchMessageA
GetMessageA
DestroyWindow

ole32

CreateBindCtx
CoTaskMemAlloc

Sections

.text
Size: 588KB - Virtual size: 585KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda17edec971b5e7c56fb5d20abb4c2c

Headers

File Characteristics

Imports

wsock32

advapi32

kernel32

user32

ole32

Sections

.text Size: 588KB - Virtual size: 585KB

.rdata Size: 192KB - Virtual size: 190KB

.data Size: 68KB - Virtual size: 97KB

.rsrc Size: 4KB - Virtual size: 992B

.text
Size: 588KB - Virtual size: 585KB

.rdata
Size: 192KB - Virtual size: 190KB

.data
Size: 68KB - Virtual size: 97KB

.rsrc
Size: 4KB - Virtual size: 992B