63afcd77258b8356ae995c38ca522e80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63afcd77258b8356ae995c38ca522e80_JaffaCakes118
Size

225KB
MD5

63afcd77258b8356ae995c38ca522e80
SHA1

a4709b1b9b0a3868d16a34449a971cdd0c994749
SHA256

d26793b98bdbc2e16cfe1d393e4fb9e91ab5dbb8cbf5dc4e75b15ef7a07c7a74
SHA512

773cedbc3308f0ce9640b576d1601877c2f465655810e4bd04e8732d88e424ebfe4d4bf7474638c11a595fe44213194dbc7ee5f4612623153fe64a05f89573d5
SSDEEP

6144:TY9BQkwOmDSmapn6kKi0rP0oQ4En+Yk6BFmgn4:TMBQkC6pn6kKiuP0oQPrVn4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63afcd77258b8356ae995c38ca522e80_JaffaCakes118

Files

63afcd77258b8356ae995c38ca522e80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

510725eda8326831310f5f564c6ea37d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCloneImage
GdipAlloc
GdipFree
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipLoadImageFromFile
GdipSaveImageToFile
GdipDisposeImage
GdiplusShutdown

ws2_32

inet_addr
connect
WSACleanup
WSAStartup
socket
setsockopt
ioctlsocket
htons
bind
listen
send
select
__WSAFDIsSet
accept
recv
closesocket

kernel32

FormatMessageA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
Sleep
GetLastError
CreateThread
GetModuleFileNameA
lstrcmpiA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
DeleteFileA
MoveFileA
CloseHandle
WriteFile
CreateFileA
lstrlenA
lstrcpyA
lstrcatA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
MultiByteToWideChar
TransactNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ExitProcess
CreateProcessA
FindClose
FindNextFileA
FindFirstFileA
GetTimeFormatA
GetDateFormatA
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
LoadLibraryA
GetProcAddress
GetModuleHandleA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
SetFileAttributesA
GetTempPathA
WideCharToMultiByte
GetComputerNameA
CopyFileA
GetCurrentProcess
TerminateProcess
OpenProcess
GetCurrentProcessId
WaitForSingleObject
CreateMutexA
TerminateThread
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
CreatePipe
GetLocaleInfoA
GetVersionExA
GetLogicalDrives
GlobalMemoryStatus
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

510725eda8326831310f5f564c6ea37d

Headers

File Characteristics

Imports

gdiplus

ws2_32

kernel32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 68KB - Virtual size: 608KB

.aspack Size: 8KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 68KB - Virtual size: 608KB

.aspack
Size: 8KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB