Static task: static1
Behavioral task: behavioral1
Sample: 2a4cf49eb0ac48fb0316243fab7a7b53_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2a4cf49eb0ac48fb0316243fab7a7b53_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2a4cf49eb0ac48fb0316243fab7a7b53_JaffaCakes118
Size: 824KB
MD5: 2a4cf49eb0ac48fb0316243fab7a7b53
SHA1: 14c035ed63b7e20f2ba64b89e12eff3034adb16e
SHA256: abcbddbf10e07560dcb56ed828a6f4cbec6683778ef876bd69199f1989e286cd
SHA512: 17a0c11a872b5afa7f6407744fa87490cd99691e7e780a3e3760a36345bc3ec5a24fdebe7c3ac0c3b732fee76c7379757f8f4c961d6674ebb15c2252359711da
SSDEEP: 6144:k7lKOmV0oP9ImuXwj3I+ihnR17eB6lFD3M:KlSV0oP9IHj3b7i6lJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a4cf49eb0ac48fb0316243fab7a7b53_JaffaCakes118
Files
2a4cf49eb0ac48fb0316243fab7a7b53_JaffaCakes118.exe windows:4 windows x86 arch:x86
a516f5c43983fb703176f7a8a0205a81
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
inet_addr
connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
htons
bind
listen
accept
recv
closesocket
socket
send
select
__WSAFDIsSet
kernel32
SetFileAttributesA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
MultiByteToWideChar
Sleep
ReadFile
CloseHandle
WriteFile
TransactNamedPipe
CreateFileA
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
ExitProcess
CreateProcessA
GetSystemDirectoryA
GetTimeFormatA
GetDateFormatA
GetFileSize
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
SetFilePointer
LoadLibraryA
GetProcAddress
GetModuleHandleA
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
GetCurrentProcess
ExpandEnvironmentStringsA
GetTempPathA
DeleteFileA
OpenProcess
GetCurrentProcessId
CopyFileA
WaitForSingleObject
CreateMutexA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
CreatePipe
GetComputerNameA
GetLocaleInfoA
GetVersionExA
TerminateThread
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
RaiseException
HeapSize
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
Sections
MEW Size: 688KB - Virtual size: 688KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�uۊ�� Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE