Static task: static1
Behavioral task: behavioral1
Sample: 67400ed35cbaed8f589050d708226036_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 67400ed35cbaed8f589050d708226036_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 67400ed35cbaed8f589050d708226036_JaffaCakes118
Size: 192KB
MD5: 67400ed35cbaed8f589050d708226036
SHA1: efbf8e4eef2511d30b963f1c6dc0de6a6402bdf5
SHA256: 4bdfa42edb2edf5a389601742b4fe2e39f52988324d27e1754d4ffab5582422e
SHA512: d3166e88319bb5c132fc5393eb0cc5f8d4a17b9ad6c2939e02af925e301a48fb00f6f5a7c0972199912a53adccce98301a9edafb0394e44ae92c1d3a9045011b
SSDEEP: 3072:WYAW7kzXNy7yw7VuAp2M1YBrslKPj17foF:WYAW7kzXNCyE7pl14rsc5s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 67400ed35cbaed8f589050d708226036_JaffaCakes118
Files
67400ed35cbaed8f589050d708226036_JaffaCakes118.exe windows:4 windows x86 arch:x86
5545e0b2c2bd92d8507627c3d44ceb94
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
GetCurrentProcess
GetComputerNameA
GetLogicalDrives
CreateProcessA
ExitProcess
CreateThread
TerminateThread
MoveFileExA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
GetSystemDirectoryA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
SetConsoleCtrlHandler
RtlUnwind
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetModuleHandleA
GetModuleFileNameA
CopyFileA
GetExitCodeProcess
TerminateProcess
Process32First
CreateToolhelp32Snapshot
CloseHandle
Process32Next
OpenProcess
GetPriorityClass
FindFirstFileA
FindNextFileA
FindClose
GetShortPathNameA
MultiByteToWideChar
Sleep
HeapFree
HeapReAlloc
SetEndOfFile
HeapAlloc
ReadFile
InterlockedIncrement
LoadLibraryA
GetProcAddress
OutputDebugStringA
InterlockedDecrement
WriteFile
GetStdHandle
DebugBreak
GetVersion
GetCommandLineA
GetStartupInfoA
DeleteFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
HeapValidate
IsBadReadPtr
IsBadWritePtr
user32
SetCursorPos
mouse_event
ExitWindowsEx
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
GetWindowTextA
GetWindowTextLengthA
MessageBeep
GetAsyncKeyState
GetKeyState
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
MessageBoxA
CreateWindowExA
RegisterClassA
LoadIconA
GetForegroundWindow
PostQuitMessage
SystemParametersInfoA
DefWindowProcA
LoadCursorA
gdi32
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
advapi32
RegQueryValueExA
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
shell32
ShellExecuteA
wsock32
shutdown
recv
connect
htons
socket
gethostbyname
WSAStartup
closesocket
listen
bind
inet_addr
gethostname
ioctlsocket
accept
WSAGetLastError
WSAAsyncSelect
WSACleanup
send
ws2_32
WSASocketA
winmm
mciSendStringA
Sections
.text Size: 156KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ