71d405ea4472b1249ae754def0b337ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71d405ea4472b1249ae754def0b337ca_JaffaCakes118
Size

94KB
MD5

71d405ea4472b1249ae754def0b337ca
SHA1

7f709cef700cee59ce0927c27172ec4b862b7d06
SHA256

e58f8ac91d787c4e9ca4d592fd6615dfd112de126588ec765137aeb87c6539c0
SHA512

d26eb53f5e3887cd4309e90a3a66d42e3fa95bca27261471c3a718d45b1e8bd2a02ff153eed83457dc6b918f51d595eabcdd300f4189ac0e76e4f6954d87ed62
SSDEEP

1536:Sdyql1M7wIIEuti7rEYivykYkpaWj0OL+G7mJAm/lGAuJMLF4vsnXWkW336:SdV1Z1i3QKqSGCJr/lkJ6FQsnH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d405ea4472b1249ae754def0b337ca_JaffaCakes118

Files

71d405ea4472b1249ae754def0b337ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2f8b54b620a14509449dc954d3f2b8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
gethostbyname
WSAStartup
gethostname

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetCurrentProcessId
GlobalAlloc
ReadFile
GetFileSize
CreateFileA
WriteFile
GetCurrentDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcatA
lstrlenA
OpenMutexA
lstrcmpiA
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetCommandLineA
CreateProcessA
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenEventA
CopyFileA
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
OpenProcess
VirtualFree
lstrcmpA
SetFilePointer
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
SetFileTime
GetFileTime
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
DeviceIoControl
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
GetVersionExA
GetTimeZoneInformation
GetSystemDefaultLCID
ResumeThread
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetEndOfFile
GetOEMCP
LocalAlloc
LocalFree
SetEvent
CreateMutexA
GetLastError
CreateEventA
GlobalFree
CreateThread
CloseHandle
SetCurrentDirectoryA
WaitForSingleObject
Sleep
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
HeapSize
VirtualAlloc
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapAlloc
HeapFree
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

wsprintfA

advapi32

QueryServiceStatus
GetUserNameA
ControlService
CreateServiceA
StartServiceA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
SetServiceStatus

ole32

CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize

wininet

HttpQueryInfoA
InternetGetConnectedState
InternetOpenA
InternetSetCookieA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

ObtainUserAgentString

iphlpapi

GetIpAddrTable
GetNetworkParams
GetAdaptersInfo
GetIfEntry

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2f8b54b620a14509449dc954d3f2b8b

Headers

File Characteristics

Imports

ws2_32

version

kernel32

user32

advapi32

ole32

wininet

urlmon

iphlpapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 30KB - Virtual size: 36KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 30KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 984B