1c0afdfc26e9ab28d744c0e234695318_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c0afdfc26e9ab28d744c0e234695318_JaffaCakes118
Size

54KB
MD5

1c0afdfc26e9ab28d744c0e234695318
SHA1

bc5f9f6d56be2b5e7689fad7f83585f1675485aa
SHA256

4858eb73c13c1b70538242df23350b396932964b999a8c31b70e10948b3b4d38
SHA512

9d9c03e1f45074594e380eea9d60c400bf379614a430df851805d486d37002b21d06e021b7005d1b4906b453b01aa13cb87b7f8b68abb897b2ce3fdfe12925bd
SSDEEP

768:TFen9Dn9xGFBHiyg3jVTB0Z+GtxQ+SLwKPn6a7B0jO7JDXnjoYZZ:ReLxGF/g3gVxQJwKPnf0jUJnoYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c0afdfc26e9ab28d744c0e234695318_JaffaCakes118

Files

1c0afdfc26e9ab28d744c0e234695318_JaffaCakes118
.exe windows:4 windows x86 arch:x86

433252b1384abedc0e760dce7f4dc6a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ioctlsocket
inet_addr
select
WSAStartup
gethostbyname
sendto
WSACleanup
htons
socket
connect
send
closesocket
recv

user32

CharLowerA

advapi32

RegCloseKey
DeleteService
ControlService
CreateServiceA
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfig2A
UnlockServiceDatabase
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
GetUserNameA

shfolder

SHGetFolderPathA

kernel32

CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
SetErrorMode
SetFilePointer
FlushFileBuffers
CloseHandle
CreateProcessA
ExitThread
ExitProcess
GetTempPathA
Sleep
GetTickCount
CreateThread
ReleaseMutex
CreateMutexA
lstrcmpiA
SetFileAttributesA
GetLastError
CreateDirectoryA
GetModuleFileNameA
GetModuleHandleA
OpenMutexA
SetEvent
DeleteFileA
LocalFree
LocalAlloc
GetVersionExA
GetLocaleInfoA
WaitForSingleObject
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
WriteFile
TerminateProcess
GetCurrentProcess
GetFileAttributesA
ReadFile
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

433252b1384abedc0e760dce7f4dc6a8

Headers

File Characteristics

Imports

ws2_32

user32

advapi32

shfolder

kernel32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 20KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 20KB