38769d06db611a1873c0a576cec0b10c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

38769d06db611a1873c0a576cec0b10c_JaffaCakes118
Size

312KB
MD5

38769d06db611a1873c0a576cec0b10c
SHA1

ded7b07acdeac373451d58006f4075fc8f1a4898
SHA256

5e58473a1868b9f5df40984ea6e47b449fea241a0b70815f12a21b53236ee4b3
SHA512

6166e2e6e0acdf316d532a5810611578cc55c25e04b56ba36b3b35997d1aab421029daa72c8b90add39d6eddc9a13302cc021bc3533bb5c786b5e7965bdf9d50
SSDEEP

6144:6z1hfl8oOsd4C3Bbq6mVUv+c0hbi4C3WTBqDHAOMhVX7:6z1ht8PCRbq6F0hO4mWTsDH2hVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38769d06db611a1873c0a576cec0b10c_JaffaCakes118

Files

38769d06db611a1873c0a576cec0b10c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

664ddd861e56a63947eea612d692da85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
Sleep
WaitForMultipleObjects
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
GetLastError
GetVersion
WriteFile
GetSystemTimeAsFileTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GlobalAlloc
lstrcmpiA
GetCurrentThreadId
FileTimeToSystemTime
CreateEventW
lstrcmpA
InterlockedDecrement
lstrlenA
InterlockedIncrement
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetTickCount
WaitForSingleObject
SetEvent
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetFilePointer
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
ExitThread
CreateThread
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
ExitProcess
GetVersionExA
GetProcessHeap
GetStartupInfoW
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetStdHandle
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetCurrentProcessId
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers

user32

IsCharAlphaA

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

ws2_32

connect
socket
recv
send
closesocket
sendto
WSAGetLastError
WSAStartup
ntohs
htons
recvfrom
setsockopt

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

664ddd861e56a63947eea612d692da85

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 224KB - Virtual size: 224KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 224KB - Virtual size: 224KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 4KB