4c2cef4cbece9c80663e78e6bd78805e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c2cef4cbece9c80663e78e6bd78805e_JaffaCakes118
Size

280KB
MD5

4c2cef4cbece9c80663e78e6bd78805e
SHA1

5b34aaf9e90df60a4274e3ef33f423da7b5eb37a
SHA256

0b3a8b976bd9fd821103f3ea3e58120c1f8d4f681cf4038c194f3174923c5671
SHA512

3f5b775a525b79e7ad431a6a3c9a23208042e402738bdea84622ed72b5c49ffc4e601c26ed0d5968767cf081f47bedd1d250eff021dc35091579f4498241663e
SSDEEP

3072:r/3xH7I48Yu6hREecDPYoPrv0CZAz8Tm7Sqc/D7NAeTJTm1dLupxdNBuuD8t73:2YuCDcDJfAMzqu7Gexm7LiuuD63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c2cef4cbece9c80663e78e6bd78805e_JaffaCakes118

Files

4c2cef4cbece9c80663e78e6bd78805e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc71840b36b24f6aa116d0c0d2dc9c78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
WriteFile
LoadResource
LeaveCriticalSection
LocalFree
EnterCriticalSection
GetTickCount
HeapAlloc
GetWindowsDirectoryW
CreateProcessW
GetVolumeInformationA
GetACP
CreateToolhelp32Snapshot
GetFileTime
Process32FirstW
HeapReAlloc
GetVersionExA
GetTempPathA
Process32NextW
SetErrorMode
CreateProcessA
CreateEventW
SetEvent
TerminateThread
GetExitCodeThread
CreateThread
GetModuleFileNameW
WaitForMultipleObjects
SetFilePointer
SetStdHandle
HeapFree
CloseHandle
MultiByteToWideChar
FindResourceW
lstrlenA
LockResource
CreateFileW
SizeofResource
FindResourceExW
DeleteCriticalSection
InitializeCriticalSection
GetLastError
GetProcessHeap
WideCharToMultiByte
WaitForSingleObject
Sleep
GetModuleFileNameA
FormatMessageW
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetExitCodeProcess
GetConsoleMode
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
HeapDestroy
HeapSize
RaiseException
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GetLocalTime
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
HeapCreate
VirtualFree
GetFileAttributesW
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
SetHandleCount
GetFileType
ReadFile
GetConsoleCP

user32

GetActiveWindow
GetKeyboardState
UnregisterClassA

advapi32

CreateServiceW
ChangeServiceConfig2W
StartServiceW
QueryServiceStatusEx
OpenSCManagerW
CloseServiceHandle
RegisterServiceCtrlHandlerW
SetServiceStatus
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
StartServiceCtrlDispatcherW

ole32

CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
StringFromCLSID

ws2_32

WSACreateEvent
WSASocketW
closesocket
WSAStartup
WSARecv
WSACloseEvent
WSACleanup
WSASetEvent
WSAEventSelect
WSAGetOverlappedResult
WSAResetEvent
freeaddrinfo
WSASend
getaddrinfo
WSAConnect
WSAEnumNetworkEvents
WSASetLastError
WSAGetLastError

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc71840b36b24f6aa116d0c0d2dc9c78

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 176B