245885a0f0a91f9977bf7dfc49ff3c48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

245885a0f0a91f9977bf7dfc49ff3c48_JaffaCakes118
Size

968KB
MD5

245885a0f0a91f9977bf7dfc49ff3c48
SHA1

389bac9a65f00cf9e947f97172f111385ffd0bb1
SHA256

967c8d904e578ff78368de91397d665ad7c8c89c574ece89c7321912abfcfb84
SHA512

26d794e96c9aa8fb51f63c074041e0c8b2dc00d6b8acadffe415e35c3ffd533ea1c1ed723779d3f6ab575c8845bef8c9b21df80d3c1da3d9e17b9cd598a8458d
SSDEEP

24576:ox++ucfmNm9TKGRUve+zOxg8xamvftGOPsZEzaocGmY6QMBiCjnEki4R6q:45qNoTYeo6vftukQYUzzzDoq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
245885a0f0a91f9977bf7dfc49ff3c48_JaffaCakes118

Files

245885a0f0a91f9977bf7dfc49ff3c48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1197305a67ebae79a7bd7c28ea029dc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMenu
SetLastErrorEx
GetSystemMetrics
MessageBoxA
LoadStringA
AppendMenuA
DrawMenuBar
PeekMessageA
CallMsgFilterA
TranslateMessage
DispatchMessageA
CharLowerA
CharUpperBuffA
wsprintfA

advapi32

OpenSCManagerA
StartServiceA
CloseServiceHandle
OpenServiceA
GetUserNameA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegFlushKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA

wsock32

htons
bind
listen
WSACleanup
getpeername
accept
select
__WSAFDIsSet
recv
send
shutdown
setsockopt
connect
closesocket
socket
ioctlsocket
recvfrom
WSAStartup
gethostname
gethostbyname
inet_addr
sendto
gethostbyaddr

shell32

ShellExecuteExA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
SetStdHandle
GetConsoleCP
HeapSize
IsValidLocale
LoadLibraryW
GetLocaleInfoW
CompareStringA
IsValidCodePage
GetOEMCP
HeapReAlloc
VirtualAlloc
GetModuleFileNameW
WriteConsoleW
CompareStringW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCPInfo
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
RaiseException
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetDriveTypeA
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
DeviceIoControl
LockFile
UnlockFile
IsBadStringPtrW
IsBadStringPtrA
VirtualProtect
FlushInstructionCache
GetFileTime
GetFileSize
SetEndOfFile
FlushFileBuffers
SetFilePointer
SetEnvironmentVariableA
ReadFile
WriteFile
WriteConsoleA
GetConsoleOutputCP
GetStringTypeW
ExitProcess
ReleaseSemaphore
GetCurrentProcess
GetVersionExA
GetVersion
GetModuleHandleA
GetCurrentProcessId
GetTickCount
GetWindowsDirectoryA
GetCurrentDirectoryA
SetConsoleCtrlHandler
GetCurrentThreadId
GetModuleFileNameA
VirtualQuery
HeapFree
TerminateProcess
HeapAlloc
GetProcessHeap
DuplicateHandle
GetCurrentThread
GetExitCodeThread
GetSystemInfo
GetSystemDirectoryA
GetComputerNameA
SetLastError
IsBadReadPtr
GetThreadLocale
GetACP
GetDiskFreeSpaceA
GetTempPathA
SystemTimeToFileTime
GetLocalTime
GetFileAttributesA
GetFullPathNameA
SetCurrentDirectoryA
TlsSetValue
LocalAlloc
LocalFree
TlsGetValue
TlsAlloc
TlsFree
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentVariableA
AreFileApisANSI
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
GetProfileStringA
CloseHandle
UnmapViewOfFile
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
Sleep
WaitForSingleObject
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
OpenProcess
GetExitCodeProcess
GetTimeZoneInformation
GetSystemTime
FileTimeToSystemTime
IsBadWritePtr
OpenEventA
CreateEventA
SetEvent
WaitForMultipleObjects
GetStdHandle
GetConsoleMode
DeleteFileA
SetFileTime
CreateFileA
CreateDirectoryA
CreateSemaphoreA

Sections

__wibu00
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu01
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu02
Size: 4KB - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu03
Size: 928KB - Virtual size: 928KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1197305a67ebae79a7bd7c28ea029dc0

Headers

File Characteristics

Imports

user32

advapi32

wsock32

shell32

version

kernel32

Sections

__wibu00 Size: 16KB - Virtual size: 13KB

__wibu01 Size: 8KB - Virtual size: 4KB

__wibu02 Size: 4KB - Virtual size: 784B

.rsrc Size: 8KB - Virtual size: 4KB

__wibu03 Size: 928KB - Virtual size: 928KB

__wibu00
Size: 16KB - Virtual size: 13KB

__wibu01
Size: 8KB - Virtual size: 4KB

__wibu02
Size: 4KB - Virtual size: 784B

.rsrc
Size: 8KB - Virtual size: 4KB

__wibu03
Size: 928KB - Virtual size: 928KB