300b95a357a0c2440571324cf02fe4ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

300b95a357a0c2440571324cf02fe4ad_JaffaCakes118
Size

251KB
MD5

300b95a357a0c2440571324cf02fe4ad
SHA1

6c7311eb7fe39a25fbdf992ae521fd7e65bcd70e
SHA256

c8cea5e4564d9925fb97a059a509cb77073da97b4d17e189d7e7e00931f3f149
SHA512

9138b324d342d3b8d07a2dd6f35ba90a1ed18385b429cc07b418a06170224ecad8ade429e8d4309651ea063974b511539ba9817d61b3a67aa030d1df9c17dd76
SSDEEP

6144:zms03hTqnwTIFwA4qhPh1OeWzp+4mIIzUtULfo3:zms03hTIaCwA4qhrdSo1OJ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
300b95a357a0c2440571324cf02fe4ad_JaffaCakes118

Files

300b95a357a0c2440571324cf02fe4ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8026167e61c9360342abd50cf489892c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

ws2_32

WSACleanup
WSAStartup
setsockopt
htons
bind
listen
select
__WSAFDIsSet
inet_addr
send
recv
ntohs
inet_ntoa
socket
ioctlsocket
connect
closesocket
accept

kernel32

MapViewOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
ExitThread
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetSystemDirectoryA
GetLocalTime
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetTimeFormatA
GetDateFormatA
GetLastError
CreateThread
CloseHandle
GetFileSize
CreateFileA
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
ReadFile
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WriteFile
FreeLibrary
GetEnvironmentVariableW
HeapFree
HeapAlloc
GetProcessHeap
VirtualQueryEx
ReadProcessMemory
GetSystemInfo
OpenProcess
GetModuleHandleA
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
CreateProcessA
ExpandEnvironmentStringsA
SetFileAttributesA
GetTempPathA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentProcess
CreatePipe
GetVersionExA
GlobalMemoryStatus
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
DeleteFileA
GetCurrentProcessId
CopyFileA
WaitForSingleObject
CreateMutexA
MoveFileA
TerminateProcess
lstrcmpiA
GetLocaleInfoA
GetLogicalDrives
WaitForMultipleObjects
TerminateThread
GenerateConsoleCtrlEvent
RtlUnwind
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 958KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8026167e61c9360342abd50cf489892c

Headers

File Characteristics

Imports

user32

ws2_32

kernel32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 82KB - Virtual size: 958KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 82KB - Virtual size: 958KB