23b6822b993584a6c6a425a55945dea7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23b6822b993584a6c6a425a55945dea7_JaffaCakes118
Size

52KB
MD5

23b6822b993584a6c6a425a55945dea7
SHA1

959ca90d7431c9ca1f9dce385b1cb11d58b96efa
SHA256

460fe7b609f3a33f4e941cee6be65fe65b39a82b307ae0cf8b14bbe2207a3c70
SHA512

267b3fef19c1260c93681ba3745f3b4f1b2d5f7d6651261d4ff21aee12ac4358db12e53d4f6ef89affb6b9a23c5fa0b254dcbabaab6fe95df6f15fa1952e0b0a
SSDEEP

768:TjswzwTdCDyXB/TM7Fdy2LVATx8T3FeGUZ4G4iWbp74DurY4mSihJjt:ThwHVwR/2TOrFmZF4iWt7aSYtPjt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23b6822b993584a6c6a425a55945dea7_JaffaCakes118

Files

23b6822b993584a6c6a425a55945dea7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c94239e6869788de80670edad8f410f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetProcAddress
GetModuleHandleA
CreateProcessA
GetStartupInfoA
DeleteFileA
InterlockedDecrement
InterlockedIncrement
GlobalMemoryStatus
GetVersionExA
TerminateProcess
FindFirstFileA
Sleep
ReadFile
PeekNamedPipe
CloseHandle
GetWindowsDirectoryA
GetTickCount
GetModuleFileNameA
CreateThread
GetLastError
CreateMutexA
lstrcmpA
lstrlenA
FindNextFileA
FindClose
GetDriveTypeA
lstrcpyA
WriteFile
GetDiskFreeSpaceExA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
CreateFileA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
SetEnvironmentVariableA
GetOEMCP
GetACP
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
InitializeCriticalSection
DeleteCriticalSection
SetStdHandle
GetFileType
SetFilePointer
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCPInfo

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA
GetUserNameW
RegOpenKeyExA

shell32

ShellExecuteA

ws2_32

WSACleanup
getpeername
WSAStartup
setsockopt
WSAIoctl
shutdown
closesocket
socket
gethostname
inet_ntoa
recv
send
gethostbyname
htons
connect
getsockname

shlwapi

PathFileExistsA
PathRemoveFileSpecA
PathFindFileNameA
PathIsDirectoryA
PathAddBackslashA

netapi32

NetApiBufferFree
NetUserGetInfo

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c94239e6869788de80670edad8f410f1

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

shlwapi

netapi32

iphlpapi

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 9KB