7615dc38eefcb9b92db8af439197f429_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7615dc38eefcb9b92db8af439197f429_JaffaCakes118
Size

108KB
MD5

7615dc38eefcb9b92db8af439197f429
SHA1

1378ad55fffddef1fb704592e8329b794bf2e089
SHA256

a3fab7ee23daf208b029120392b60bf17cffebb9ce317924387adca28e67f69d
SHA512

a35c4e6f148c251f9efdbd2cd16296ea09e4ed41bd01715d884377aac7d96651e408b55b0189e4a9479ea0b151599c08c90880f70948df2dcd59fc3ea44195a7
SSDEEP

1536:XhnH8uJMiB46meC14i7tCwdlFbUIYvyMYEtUHOSShP8nY3EtD0mb5ZtJwS:xN+e4LeOwhUKENTtJwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7615dc38eefcb9b92db8af439197f429_JaffaCakes118

Files

7615dc38eefcb9b92db8af439197f429_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abe08a5b313460111d31d3117d24ce28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

ws2_32

shutdown
inet_addr
WSASocketA
htonl
closesocket
WSACleanup
recv
socket
send
connect
WSAStartup
gethostbyname
htons
inet_ntoa

shlwapi

PathFindExtensionA

winmm

mciSendStringA

user32

GetWindowThreadProcessId
EnumWindows
PostMessageA
FindWindowA
ShowWindow

shell32

ShellExecuteA

advapi32

RegSetValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

urlmon

URLDownloadToFileA

kernel32

ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
CreateFileA
SetFilePointer
GetLocaleInfoA
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
WriteConsoleA
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
CopyFileA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
DeleteFileA
CreateSemaphoreA
GetLastError
SetErrorMode
FreeLibrary
WaitForSingleObject
GetTickCount
OpenProcess
CreateProcessA
TerminateProcess
GetProcAddress
GetLocalTime
LoadLibraryExA
CloseHandle
GetSystemTime
GetModuleHandleA
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetFileAttributesA
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abe08a5b313460111d31d3117d24ce28

Headers

File Characteristics

PDB Paths

Imports

ws2_32

shlwapi

winmm

user32

shell32

advapi32

urlmon

kernel32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 176B