4808e5a2fd3e5c552bd22999817df235_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4808e5a2fd3e5c552bd22999817df235_JaffaCakes118
Size

711KB
MD5

4808e5a2fd3e5c552bd22999817df235
SHA1

7434cab892bbce50828ab9ce5473e89cda8fb024
SHA256

e7ceb1e9a3146a4f241050cf5b7a53ff5e8780094e7e904cec9392efa99df16e
SHA512

3f9f3440a6f7455a35fe5a18e9092ebb2ae98bb55f5d9fba3343c95caf874c85163a5a82a33b0223354179ec5a6b51cfb9bb22f1c61111362bd642d19c2a9878
SSDEEP

12288:yvN+yOexBkdVm55toM1A7PJDQnnDSet6X4PcEfb5jvjW:ylBOexBkdVm55toM1A7PJDQnnuet6oUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4808e5a2fd3e5c552bd22999817df235_JaffaCakes118

Files

4808e5a2fd3e5c552bd22999817df235_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97dbc032d832ef125aa86782b576130b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
LeaveCriticalSection
Sleep
EnterCriticalSection
Process32Next
GetTickCount
DeleteCriticalSection
Process32First
CreateToolhelp32Snapshot
InitializeCriticalSection
ReadProcessMemory
GetCurrentProcess
GetSystemDirectoryA
MoveFileA
CreateDirectoryA
GetWindowsDirectoryA
GetLocalTime
ExitThread
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalAlloc
CopyFileA
InterlockedDecrement
GetModuleFileNameA
WideCharToMultiByte
FlushInstructionCache
VirtualProtect
GetModuleHandleA
WriteProcessMemory
CreateThread
CreateProcessA
GetLastError
SetFileAttributesA
OpenProcess
ExitProcess
WaitForSingleObject
CreateMutexA
GetTempPathA
TerminateThread
FormatMessageA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
WriteFile
GetVersionExA
GlobalMemoryStatus
GetTimeFormatA
GetDateFormatA
GetComputerNameA
GetLocaleInfoA
lstrcmpiA
ReadFile
SetFilePointer
lstrlenA
GetFileSize
GetSystemTime
LocalFree
lstrlenW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetExitCodeProcess
IsBadCodePtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
CloseHandle
TerminateProcess
DeleteFileA
CreateFileA
GetFileAttributesA
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetFileType
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
InterlockedIncrement
OutputDebugStringA
GetStdHandle
DebugBreak
LCMapStringW
LCMapStringA
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
GetTimeZoneInformation
GetStartupInfoA
GetCommandLineA
GetVersion
MultiByteToWideChar
RaiseException

user32

SetClipboardData
EmptyClipboard
OpenClipboard
VkKeyScanA
keybd_event
ShowWindow
SetFocus
SetForegroundWindow
CharLowerA
CloseClipboard

advapi32

OpenProcessToken
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

CreateErrorInfo
VariantChangeType
SetErrorInfo
GetErrorInfo
SysFreeString
VariantInit
SysAllocString
VariantClear

ws2_32

htons
inet_addr
bind
WSAStartup
setsockopt
accept
listen
select
__WSAFDIsSet
closesocket
connect
ioctlsocket
socket
recv
send
WSACleanup

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97dbc032d832ef125aa86782b576130b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

Sections

.text Size: 295KB - Virtual size: 295KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 365KB - Virtual size: 365KB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 295KB - Virtual size: 295KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 365KB - Virtual size: 365KB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 11KB - Virtual size: 11KB