4282685fe68efb1f059b315cbb7508e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4282685fe68efb1f059b315cbb7508e4_JaffaCakes118
Size

408KB
MD5

4282685fe68efb1f059b315cbb7508e4
SHA1

4d52fba6aef71cf08b82e49a8acc9718a365fcff
SHA256

0626c8664bd68d9196f740bd510ed59dbcb462478c6faa953f08e7c1d558d940
SHA512

40a7ecc5ce2bbada9e679324efc42120c86082ff207587ed28a1acdb3eb11e4c0b99387087b55dede8840dba330546a315108be6b9145bc9248c62c75c719438
SSDEEP

12288:q1t6t9k5niq48ii7IsXr5mrpEkBvkLr2LG0PYQK:q1tJigACkxk2LG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4282685fe68efb1f059b315cbb7508e4_JaffaCakes118

Files

4282685fe68efb1f059b315cbb7508e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7a0cb7fbba952867acd5ef8a0e15cd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ioctlsocket
ntohl
gethostbyname
WSAStartup
gethostname
WSACleanup

kernel32

CloseHandle
DeviceIoControl
CreateFileA
GetVersion
GetProcessAffinityMask
GetSystemInfo
GlobalMemoryStatus
WaitForSingleObject
ReadFile
CreateProcessA
CreatePipe
LocalAlloc
LocalFree
GetComputerNameA
GetWindowsDirectoryA
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
DeleteFileA
GetTempFileNameA
GetVersionExA
GetLogicalDriveStringsA
SetErrorMode
GetTimeFormatA
GetDateFormatA
ExpandEnvironmentStringsA
FormatMessageA
GetProfileStringA
lstrcpyA
GlobalFree
GlobalAlloc
SetLastError
lstrcatA
GetTimeZoneInformation
lstrcmpiA
WideCharToMultiByte
GetComputerNameW
SetFileTime
SetFileAttributesA
CreateDirectoryA
RemoveDirectoryA
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetProcAddress
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
lstrcmpA
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
GetPriorityClass
SetPriorityClass
GetCurrentThread
GetThreadPriority
SetThreadPriority
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
lstrlenA
ReleaseMutex
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
GetCurrentThreadId
GetLocaleInfoA
MoveFileA
GetExitCodeProcess
CreateMutexA
GetFileAttributesA
GetFileType
GetFileTime
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
HeapFree
HeapAlloc
GetProcessHeap
Sleep
GetCommandLineA
DeleteCriticalSection
RtlUnwind
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetSystemTime
GetLocalTime
GetStartupInfoA
ExitProcess
TerminateProcess
SetConsoleCtrlHandler
MultiByteToWideChar
SetStdHandle
RaiseException
TlsSetValue
TlsAlloc
TlsGetValue
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
FlushFileBuffers
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetFilePointer
GetCPInfo
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetEndOfFile
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
CompareStringA
CompareStringW

user32

GetSystemMetrics
wsprintfA
ReleaseDC
CharToOemA
GetDC

gdi32

GetDeviceCaps

winspool.drv

EnumPrintersA

advapi32

RegConnectRegistryA
GetSecurityDescriptorLength
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegLoadKeyA
RegUnLoadKeyA
LookupAccountSidA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
GetUserNameA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetKernelObjectSecurity

netapi32

Netbios

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7a0cb7fbba952867acd5ef8a0e15cd5

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

winspool.drv

advapi32

netapi32

mpr

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 96KB - Virtual size: 405KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 96KB - Virtual size: 405KB

.rsrc
Size: 4KB - Virtual size: 2KB