2159d706b39464c14739c85e29ff8637_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2159d706b39464c14739c85e29ff8637_JaffaCakes118
Size

242KB
MD5

2159d706b39464c14739c85e29ff8637
SHA1

da920d5778fb12600f5064d28ee407e2796bf679
SHA256

98cb9d984190e95e8dd7089b6dbe60e02cf44d0844e0c62f2d825f04688ee4dd
SHA512

217dde8ebdcb798a326978db00f3f8873a49f0c140f8ca61f61dea50a9aae2aaa03c07df094d90c7667c8498391a5840afcac981ca5d33f0b8270e70b26b732e
SSDEEP

6144:9b/7CCTBCutn5saZrj5vH9HRlhOPViFRV1fwgCJxufbTP:9TEutiO3htPgPVaXfwhoTP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2159d706b39464c14739c85e29ff8637_JaffaCakes118

Files

2159d706b39464c14739c85e29ff8637_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93c4ee68ea67d606c582a8579c149024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
ntohs
WSAGetLastError
WSAStartup
WSACleanup
gethostbyaddr
inet_ntoa
inet_addr

iphlpapi

SendARP

kernel32

lstrlenW
lstrlenA
LeaveCriticalSection
EnterCriticalSection
SystemTimeToFileTime
GetLocalTime
CloseHandle
CreateThread
CreateEventA
TerminateThread
WaitForSingleObject
GetExitCodeThread
WaitForMultipleObjects
FreeLibrary
ReleaseMutex
FindResourceExA
OpenMutexA
CreateFileA
WriteFile
OutputDebugStringA
SetEndOfFile
SetFilePointer
GetFileSize
GetCurrentThreadId
CreateSemaphoreA
ReleaseSemaphore
UnmapViewOfFile
ResetEvent
MapViewOfFile
CreateFileMappingA
OpenEventA
OpenFileMappingA
OpenSemaphoreA
GetModuleHandleA
FileTimeToSystemTime
ResumeThread
ReadFile
GetSystemTime
CreateFileW
DeleteFileW
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
RaiseException
WideCharToMultiByte
GetThreadLocale
GetACP
GetSystemTimeAsFileTime
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
CreateMutexA
GetStartupInfoW
GetProcAddress

user32

CharUpperBuffA

advapi32

CryptDecrypt
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
RegCreateKeyExA
RegSetValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGetProvParam
CryptDeriveKey
CryptGetHashParam

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysStringByteLen
VariantInit
VarBstrCmp
SysStringLen
SysFreeString
SysAllocString
VariantClear

w32topl

ToplListCreate

kbdno

KbdLayerDescriptor

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ikzeE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PwPvk
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WUdZ
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Hh
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93c4ee68ea67d606c582a8579c149024

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

iphlpapi

kernel32

user32

advapi32

ole32

oleaut32

w32topl

kbdno

Sections

.text Size: 18KB - Virtual size: 17KB

.ikzeE Size: 1KB - Virtual size: 1KB

.PwPvk Size: 512B - Virtual size: 936B

.WUdZ Size: 1KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.Hh Size: 2KB - Virtual size: 2KB

.m Size: 1024B - Virtual size: 902B

.data Size: 212KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.ikzeE
Size: 1KB - Virtual size: 1KB

.PwPvk
Size: 512B - Virtual size: 936B

.WUdZ
Size: 1KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.Hh
Size: 2KB - Virtual size: 2KB

.m
Size: 1024B - Virtual size: 902B

.data
Size: 212KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB