34260b250995ce9012930b0dcb15959a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

34260b250995ce9012930b0dcb15959a_JaffaCakes118
Size

236KB
MD5

34260b250995ce9012930b0dcb15959a
SHA1

15fd57bd2fb59bf4f6e7f77fd1117c3116a5167a
SHA256

672706c5866473529c9a568455ea8b7bf6eb44d445230daf8c2fc09ff80ac2ad
SHA512

79d1b92d46965bbe6eaf676337682fa974917b3de8fbbd5f779e4ee53afd05b444806ea50f91cd5ead60f0fb5e54986f15bc4958a319e07ad2a3bd2310db6398
SSDEEP

768:37NTV+zmPuVt71zV68Vy+bUlhsOJJggCoXJHqSCvF24BgatSm2GAO8zCXrZa:3hESwDoaDyrglyJHXCvF24jXEO8zCs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34260b250995ce9012930b0dcb15959a_JaffaCakes118

Files

34260b250995ce9012930b0dcb15959a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54f3f2b126c8f336f96d04e6f8cf5117

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lopen
WriteFile
WideCharToMultiByte
UnmapViewOfFile
CloseHandle
Sleep
SetFilePointer
SetFileAttributesA
RtlMoveMemory
RemoveDirectoryA
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MoveFileA
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTickCount
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileSize
GetFileAttributesA
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateMutexA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CopyFileA
CompareStringA
lstrlenW

user32

FindWindowExA
wsprintfA
FindWindowA
ReleaseDC
SendMessageA
GetDlgCtrlID
GetDC

advapi32

RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
GetUserNameA
CreateServiceA
CloseServiceHandle
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
StartServiceA
RegOpenKeyA
DeleteService

shlwapi

PathFileExistsA
StrRChrA
StrStrIA
StrChrA
StrCmpNA

shell32

ShellExecuteA

wsock32

htons
getsockname
gethostname
gethostbyname
connect
closesocket
bind
accept
inet_addr
WSAStartup
listen
recv
socket
send

ws2_32

WSAIoctl

rasapi32

RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasEnumEntriesA

gdi32

GetDeviceCaps

wininet

InternetGetConnectedState

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54f3f2b126c8f336f96d04e6f8cf5117

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

shlwapi

shell32

wsock32

ws2_32

rasapi32

gdi32

wininet

Sections

.text Size: 235KB - Virtual size: 235KB

.text
Size: 235KB - Virtual size: 235KB