6694286fb7c5773fd15a7b93820637ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6694286fb7c5773fd15a7b93820637ae_JaffaCakes118
Size

112KB
MD5

6694286fb7c5773fd15a7b93820637ae
SHA1

6e4675bf2dd8319d199a53e4388979c7422f5758
SHA256

93b739516cb55a5d8ce7df6c92ca377a0b8c3298cb67d72405864d51da125395
SHA512

eb2f30f9c857a5e719fe1937c6999ed77be37ec74e21a19a37046d17e1a7be14a640e81854be285b8f7ff20c98a487a40636e9311dddf80874bcc0d301f814ff
SSDEEP

3072:F1ggYqLa/nmrA0v+JHnmr+3v+JtlqyKZUJCtaDMbL3jtJ6B:iEa/nmrA0v+JHnmr+3v+JtlqyKZjaDcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6694286fb7c5773fd15a7b93820637ae_JaffaCakes118

Files

6694286fb7c5773fd15a7b93820637ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a3d37426af2e53b8eeb52e69045a2ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
TerminateThread
CreateThread
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
CopyFileA
SetFileAttributesA
CreateDirectoryA
CreateFileA
WriteFile
CloseHandle
GetFileSize
DeleteFileA
SetFilePointer
ReadFile
lstrlenA
WaitForSingleObject
TerminateProcess
GetModuleFileNameA
GetLocalTime
CreateSemaphoreA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemTime
SystemTimeToFileTime
SetFileTime
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement

user32

PostMessageA
FindWindowA
EnumChildWindows
GetWindowRect
GetCursorPos
SetCursorPos
GetWindowTextA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
IsWindowVisible
IsWindowEnabled
mouse_event
GetParent
DefWindowProcA
DestroyWindow
GetMessageA
WindowFromPoint
SetTimer
DispatchMessageA
TranslateMessage
GetClassNameA

shell32

ShellExecuteA
ShellExecuteExA
SHFileOperationA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA

ws2_32

gethostbyname
socket
htons
inet_addr
connect
closesocket
gethostname
WSAStartup
WSACleanup
recv
send
inet_ntoa

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a3d37426af2e53b8eeb52e69045a2ab

Headers

File Characteristics

Imports

kernel32

user32

shell32

wininet

ws2_32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB