62a2fdc26fe32ca961bec5da1c4ebf0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62a2fdc26fe32ca961bec5da1c4ebf0e_JaffaCakes118
Size

228KB
MD5

62a2fdc26fe32ca961bec5da1c4ebf0e
SHA1

b19251ebe292a80c7c53176891ecdb9801b7c057
SHA256

196b7f75945c4a0e427b8346cb9c3eb1dee83f78a5276891aeee019c0fe298d2
SHA512

084514e713eb4aac2c5fb03b099f168189e8539329808dc738c795347d46b8b1e4a286c50c0b9034ed4412c056499b72a82861f89e1a5d46f37b4f2ddad08b3e
SSDEEP

6144:Omg/Fws6Uxwk0R544s3CN6qsDkNznuYPbVDz:OmewKIb4KN6WNznuYBDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a2fdc26fe32ca961bec5da1c4ebf0e_JaffaCakes118

Files

62a2fdc26fe32ca961bec5da1c4ebf0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44b76b6d877f4564e02f67dc19dc5c63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

select
__WSAFDIsSet
WSAStartup
send
recv
accept
listen
bind
socket
gethostbyname
inet_addr
ioctlsocket
htons
connect
WSACleanup
closesocket

wininet

HttpQueryInfoA
InternetReadFile
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
InternetConnectA
InternetAttemptConnect

advapi32

CreateServiceA
ChangeServiceConfig2A
StartServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegSetValueExA
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle
OpenServiceA
ControlService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

LeaveCriticalSection
GlobalLock
GlobalReAlloc
GlobalAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
lstrlenA
GetVersion
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
FreeLibrary
GlobalHandle
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentProcess
SetFilePointer
FlushFileBuffers
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
RaiseException
HeapSize
HeapReAlloc
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
lstrcpynA
SetLastError
GetEnvironmentVariableA
GetModuleFileNameA
CopyFileA
GetVersionExA
SetFileAttributesA
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateThread
GetTickCount
GetWindowsDirectoryA
WriteFile
CreateProcessA
GetTempPathA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
Sleep
CreateEventA
TerminateThread
ResetEvent
SetEvent
WaitForSingleObject
ReleaseMutex
CreateMutexA
LocalAlloc
CreateFileA
GetFileSize
ReadFile
LocalFree
GetLastError
CloseHandle
InterlockedExchange
LoadLibraryA
CreateDirectoryA

user32

CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetDlgCtrlID
GetWindowTextA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
RemovePropA
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
LoadStringA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
GetMessageTime
GetMessagePos
ReleaseDC
GetForegroundWindow

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetClipBox
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comctl32

ord17

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44b76b6d877f4564e02f67dc19dc5c63

Headers

File Characteristics

Imports

wsock32

wininet

advapi32

kernel32

user32

gdi32

winspool.drv

comctl32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 56KB - Virtual size: 72KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 56KB - Virtual size: 72KB