60a0919ec3a63457cfc28b3665078878_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60a0919ec3a63457cfc28b3665078878_JaffaCakes118
Size

33KB
MD5

60a0919ec3a63457cfc28b3665078878
SHA1

3f14e77ba4c9c2a11dfd64ce4654c68cb7f5c7ec
SHA256

8e81d078aecf8dcfe0b49452f207d527b158bc818230690ffa0fd691b1b0ee6e
SHA512

f0c7f6eb5e027aa3a9a1157c123c48a18683d7ed48dc99a7c6b195f55c9f0eff65e6920b1070b2069bb1a0efa1456f0884abd3091185b69deffee6830d50e5a9
SSDEEP

768:N1TmANRSNM5d5tcV28tJ/9eZAjUCih+ck9:N1yaSNM5d5tD8SAjrc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60a0919ec3a63457cfc28b3665078878_JaffaCakes118

Files

60a0919ec3a63457cfc28b3665078878_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6370dbcc9dda16c032bd951831120128

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetTickCount
CreateThread
GetLastError
CreateMutexA
lstrlenA
lstrcmpA
GetFileAttributesA
GetVersionExA
GetSystemInfo
GlobalMemoryStatus
DeleteFileA
GetWindowsDirectoryA
Sleep
WriteFile
CloseHandle
ReadFile
GetFileSize
lstrcmpiA
TerminateProcess
OpenProcess
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
CopyFileA
SetFileAttributesA
GetModuleHandleA
CreateFileA
ExitProcess

user32

CallNextHookEx
CloseWindow
PostQuitMessage
UnhookWindowsHookEx
GetDesktopWindow
GetForegroundWindow
GetWindowTextA
wsprintfA
MoveWindow
SetTimer
SetKeyboardState
SetWindowsHookExA
DefWindowProcA
LoadIconA
LoadCursorA
GetActiveWindow
GetKeyNameTextA
GetKeyboardState
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
ToAscii
RegisterClassExA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

odbc32

ord24
ord75
ord41
ord11
ord9
ord31

msvcrt

memcpy
strncat
srand
rand
strncpy
atoi
atol
strlen
strtok
strstr
strcpy
memset
strcat
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf

wininet

InternetGetConnectedState

ws2_32

send
getsockname
inet_ntoa
gethostbyaddr
htonl
sendto
WSAGetLastError
accept
listen
bind
closesocket
__WSAFDIsSet
ioctlsocket
setsockopt
htons
inet_addr
gethostbyname
connect
WSAStartup
WSACleanup
select
socket
recv
WSAAsyncSelect

avicap32

capGetDriverDescriptionA

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

psapi

GetModuleBaseNameA
EnumProcessModules
GetModuleFileNameExA
EnumProcesses

urlmon

URLDownloadToFileA

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6370dbcc9dda16c032bd951831120128

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

odbc32

msvcrt

wininet

ws2_32

avicap32

mpr

psapi

urlmon

Sections

.text Size: 33KB - Virtual size: 32KB

.text
Size: 33KB - Virtual size: 32KB