619e03f3d7a0266717a535ad4e39c175_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

619e03f3d7a0266717a535ad4e39c175_JaffaCakes118
Size

187KB
MD5

619e03f3d7a0266717a535ad4e39c175
SHA1

6fd8c10bc2b14c8243d7f1944859c14f93d0f2ee
SHA256

b30864a144ada1ed6bba4bff7572e0e3715ba66bff4ace033cc07dd8f5b77544
SHA512

2c2bec5a5e28644ffe7241353a4f4bc1149a38bc8dffb2348b5a6ce2532ae863ca55afcd1e5c0142b125ea54ff6aed0e84a49e445e2b5f1d06600ceaca4fae08
SSDEEP

3072:0XE8sFXFcYm/sUPQn2Zrfvs2cWyEoV0e42IL6qKnl3Q6UoL6d:t8seYN7nkrfk2cD+e4lL6qAQ6Uo6d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
619e03f3d7a0266717a535ad4e39c175_JaffaCakes118

Files

619e03f3d7a0266717a535ad4e39c175_JaffaCakes118
.exe windows:4 windows x86 arch:x86

533d1314cb38c10a7a0490a16a42505c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
QueryPerformanceCounter
QueryPerformanceFrequency
ExitProcess
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryA
GetProcAddress
GetModuleHandleA
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
SetFileAttributesA
GetFileAttributesA
GetTempPathA
MultiByteToWideChar
WideCharToMultiByte
GetComputerNameA
GetCurrentProcess
TerminateProcess
lstrcmpiA
OpenProcess
GetLocaleInfoA
GetVersionExA
GetLogicalDrives
ReadFile
TerminateThread
GlobalMemoryStatus
GetTimeFormatA
GetDateFormatA
DeleteFileA
MoveFileA
GetCurrentProcessId
CopyFileA
WaitForSingleObject
CreateMutexA
TransactNamedPipe
SetEndOfFile
InterlockedExchange
GetCurrentThreadId
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
SetFilePointer
SetUnhandledExceptionFilter

user32

SendMessageA
EnumChildWindows
EnumWindows
GetClassNameA

ws2_32

select
__WSAFDIsSet
accept
recv
send
listen
socket
inet_addr
htons
connect
closesocket
WSACleanup
bind
ioctlsocket
setsockopt
WSAStartup

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

533d1314cb38c10a7a0490a16a42505c

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 24KB - Virtual size: 340KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 24KB - Virtual size: 340KB