2cb27c646f6430b35a170c9bee81d035_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cb27c646f6430b35a170c9bee81d035_JaffaCakes118
Size

232KB
MD5

2cb27c646f6430b35a170c9bee81d035
SHA1

57ccd4ffb8bfdfacd13a3e6ceab713fa2aa4ebde
SHA256

f6ba0c1baf13bef3885382e65237c68e5c0be42965588e2cce81073a767d9cc6
SHA512

01a5a9b08aa68223fbde4305c52a24ca6dc11b0f50ca79346ab219c73b398e9e3258feda229380751ac8e651c1b238486485857121e064aeb90be9ba4bb78b19
SSDEEP

3072:tulDs1gRQdNt+PXT1ujBs32Ni6lkZWt4k6sc4:t4s1AQvt+/MBy2NxlpLb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb27c646f6430b35a170c9bee81d035_JaffaCakes118

Files

2cb27c646f6430b35a170c9bee81d035_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34f5325f83913c8ffacaad12eb979bd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
htons
bind
listen
accept
recv
closesocket
socket
send
select
__WSAFDIsSet

kernel32

MapViewOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
Sleep
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
ExitProcess
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
GetTimeFormatA
GetDateFormatA
GetFileSize
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
ReadFile
SetFilePointer
DeleteFileA
OpenProcess
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetModuleHandleA
WaitForSingleObject
CreateMutexA
TerminateThread
GetTempPathA
MoveFileA
LoadLibraryA
GetProcAddress
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetCurrentProcess
TerminateProcess
lstrcmpiA
GetLocaleInfoA
GetVersionExA
GetLogicalDrives
WaitForMultipleObjects
CreatePipe
DuplicateHandle
GenerateConsoleCtrlEvent
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatus
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34f5325f83913c8ffacaad12eb979bd1

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 53KB - Virtual size: 425KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 19KB - Virtual size: 40KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 53KB - Virtual size: 425KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 19KB - Virtual size: 40KB