25cbfeb539e8a184f736658d79834696_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25cbfeb539e8a184f736658d79834696_JaffaCakes118
Size

871KB
MD5

25cbfeb539e8a184f736658d79834696
SHA1

6d4f07ff7c9a88b5f7161a34bee3f14ed625190a
SHA256

e4ca4a4e0b2d47ae13501c66707aa4c78ee16eeba4e92fe0e33e5edc1e8c9fb3
SHA512

ce01a19fe3cc0b2bbcdab0a45cf99ca69f208fef3ec7d8a58be0fed6fc5504a82b1101e7105034356de1ec0991e1dc383f8232b000fdfeb7f29f975f2d52d202
SSDEEP

24576:VjhVYSAstB6ro0avDypl8yrRRoJI8y6ThE08TAS0T:JhlJcavDypl8ydr6VyTAj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25cbfeb539e8a184f736658d79834696_JaffaCakes118

Files

25cbfeb539e8a184f736658d79834696_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d3732acafcf39b8cbd24840e9414529

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

listen
recv
select
__WSAFDIsSet
WSACleanup
gethostbyname
inet_addr
bind
closesocket
accept
WSAStartup
socket
connect
send
htons
ioctlsocket

gdi32

GetMapMode
SetMapMode
LPtoDP
GetDeviceCaps
DPtoLP
GetStockObject

kernel32

GetStringTypeW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
CompareStringA
GetWindowsDirectoryA
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CopyFileA
GetModuleFileNameA
GetTickCount
GetTempPathA
WaitForSingleObject
GetProcAddress
Process32Next
CloseHandle
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
CreateThread
DeleteFileA
WriteFile
ReadFile
CreateFileA
SetFileAttributesA
GetVersionExA
GetLocalTime
GetLastError
FindClose
FindNextFileA
FindFirstFileA
CompareStringW
GetSystemTime
ResetEvent
SetEvent
GetExitCodeProcess
CreateProcessA
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
GetStartupInfoA
TerminateThread
CreateEventA
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetTempFileNameA
ReleaseMutex
MoveFileA
GetCommandLineA
CreateMutexA
GetEnvironmentVariableA
Module32First
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
SetFilePointer
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
GetFullPathNameA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
CreateDirectoryA
MulDiv
RemoveDirectoryA
GetLocaleInfoA
GetUserDefaultLCID
GetFileAttributesA
GetCurrentThreadId
SetLastError
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
HeapFree
RtlUnwind
RaiseException
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
HeapAlloc
HeapReAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

SetWindowTextA
GetTitleBarInfo
GetDesktopWindow
GetWindowRect
MoveWindow
SetFocus
BeginPaint
EndPaint
MessageBoxA
InvalidateRect
PostMessageA
UpdateWindow
PostQuitMessage
DefWindowProcA
GetWindowDC
LoadCursorA
RegisterClassExA
CreateWindowExA
CreateIconFromResourceEx
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

ole32

CreateStreamOnHGlobal

shell32

Shell_NotifyIconA

oleaut32

OleLoadPicture

Sections

.text
Size: 757KB - Virtual size: 757KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d3732acafcf39b8cbd24840e9414529

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

gdi32

kernel32

user32

advapi32

ole32

shell32

oleaut32

Sections

.text Size: 757KB - Virtual size: 757KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 82KB - Virtual size: 112KB

.text
Size: 757KB - Virtual size: 757KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 82KB - Virtual size: 112KB