62f6df0a5ec747cb0c897f280634e7b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62f6df0a5ec747cb0c897f280634e7b9_JaffaCakes118
Size

343KB
MD5

62f6df0a5ec747cb0c897f280634e7b9
SHA1

02548698a451977dc8c6273d30a6e6008286ec91
SHA256

fcfba44e69ad6d1e5e0f6c10eb21fb132976dd30930336a85ab9d97277f95071
SHA512

e91b06235ca472359af70879438cbd373ac5c3ac485f0e4ae8ccb16fe04068aacf0d8e28e3a7f989161e2a20c7768959e2e242a1cd38e6c7780397623df3cee2
SSDEEP

6144:wS+M0ROoZ04CUpNZ7xbKoV2cN+P31ja/GozMUqKfN:wS+MgLCUpn7xbNZN+P31ja/6vKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f6df0a5ec747cb0c897f280634e7b9_JaffaCakes118

Files

62f6df0a5ec747cb0c897f280634e7b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a5232ec5f8fc6e91a6abb42dd3ed10d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
inet_ntoa
inet_addr
htons
connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
bind
listen
accept
recv
closesocket
socket
send
select
__WSAFDIsSet

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GlobalLock
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetConsoleCtrlHandler
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
ExitProcess
CloseHandle
CreateProcessA
GetModuleFileNameA
GetSystemDirectoryA
Sleep
CreateThread
DeleteFileA
OpenProcess
GetCurrentProcessId
GetLastError
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleHandleA
WaitForSingleObject
CreateMutexA
GetTickCount
MoveFileA
GetTempPathA
TerminateThread
LoadLibraryA
GetProcAddress
GetComputerNameA
GetLocaleInfoA
GetVersionExA
ExitThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WriteFile
ReadFile
TerminateProcess
DuplicateHandle
GetCurrentProcess
CreatePipe
GetTimeFormatA
GetDateFormatA
GetFileSize
CreateFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
SetFilePointer
WaitForMultipleObjects
GenerateConsoleCtrlEvent
GetLocalTime
FormatMessageA
GlobalUnlock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
lstrcmpiA
GetExitCodeProcess
PeekNamedPipe
GetLogicalDrives
GlobalMemoryStatus
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
OutputDebugStringA
InitializeCriticalSection
FatalAppExitA
HeapAlloc
HeapReAlloc
HeapFree
VirtualFree
VirtualAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
RaiseException
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA

Sections

ASPack
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ASPack
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ASPack
Size: 70KB - Virtual size: 673KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ASPack
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ASPack
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a5232ec5f8fc6e91a6abb42dd3ed10d

Headers

File Characteristics

Imports

ws2_32

version

kernel32

Sections

ASPack Size: 240KB - Virtual size: 239KB

ASPack Size: 9KB - Virtual size: 9KB

ASPack Size: 70KB - Virtual size: 673KB

ASPack Size: 4KB - Virtual size: 3KB

ASPack Size: 18KB - Virtual size: 18KB

ASPack
Size: 240KB - Virtual size: 239KB

ASPack
Size: 9KB - Virtual size: 9KB

ASPack
Size: 70KB - Virtual size: 673KB

ASPack
Size: 4KB - Virtual size: 3KB

ASPack
Size: 18KB - Virtual size: 18KB