723dd9c17db1fc5fbcd85a97048c9455_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

723dd9c17db1fc5fbcd85a97048c9455_JaffaCakes118
Size

329KB
MD5

723dd9c17db1fc5fbcd85a97048c9455
SHA1

1879ba77928c04fe502b81d5f4c364cfbf784363
SHA256

849f99b9d3f3420955df783e3e2a3ef5e499c8c0815b7857eac48b7676b7e30a
SHA512

ff99ece68a76593b0ddc3934d964410794d7d4d0df4e90d2ecf502e062a06867cb6589a6c11f1efca3734e8fcaf98b633381120e270e2a59a91c0c9209831692
SSDEEP

6144:INKBrvXf686jHJrvQ/b5lz4JJBAZ1zAp6ZmyA8lamPSrSwnaqb8:ISrvXfiprkFlz4JJmZ1z+6THBkLnaS8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
723dd9c17db1fc5fbcd85a97048c9455_JaffaCakes118

Files

723dd9c17db1fc5fbcd85a97048c9455_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07667299f4ba740ab12e2dbbfd5be5ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
shutdown
setsockopt
WSAGetLastError
WSASend
WSARecv
WSASetLastError
bind
htons
gethostbyname
WSAAsyncSelect
inet_addr
WSAStartup
WSACleanup
inet_ntoa
WSAConnect
htonl
WSASocketA
ntohl
listen
WSAAccept
gethostbyaddr
ntohs

print

Tcl_SetObjResult
Tcl_SetStringObj
Tcl_NewObj
Tcl_GetString
Tcl_SetIntObj
Tcl_GetIntFromObj
Tcl_AppendResult
Tcl_ListObjAppendElement
Tcl_SetLongObj
Tcl_SetDoubleObj
Tcl_SetWideIntObj
Tcl_GetVar
Tcl_EvalFile
Tcl_UnsetVar
Tcl_SetVar
Tcl_CreateObjCommand
Tcl_CreateInterp
Tcl_CreateSlave
Tcl_FindExecutable
Tcl_DeleteInterp
Tcl_ResetResult

shell32

ShellExecuteA
Shell_NotifyIconA

crypt32

CertOpenSystemStoreA
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore

kernel32

SetStdHandle
VirtualAlloc
RtlUnwind
VirtualFree
HeapDestroy
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
FlushFileBuffers
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
ExitProcess
GetVersion
GetCommandLineA
WideCharToMultiByte
GetTimeZoneInformation
FindFirstFileExA
CopyFileA
MoveFileExA
GetDiskFreeSpaceExA
CompareStringA
CompareStringW
TlsGetValue
SetEndOfFile
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
SwitchToThread
PostQueuedCompletionStatus
GetLastError
GetProcAddress
LoadLibraryA
GetVersionExA
FreeLibrary
GetTickCount
Sleep
CloseHandle
SetThreadPriority
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetLastError
GetFileAttributesA
GetFileType
GetSystemTime
FileTimeToSystemTime
MoveFileA
DeleteFileA
GetFileInformationByHandle
CreateFileA
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesExA
ReadFile
CreateProcessA
GetStartupInfoA
DuplicateHandle
CreatePipe
GetCurrentProcess
FindClose
FindNextFileA
FindFirstFileA
FormatMessageA
SetEvent
WaitForSingleObject
CreateEventA
ConnectNamedPipe
CreateNamedPipeA
GetCurrentThreadId
GetExitCodeProcess
GetFileSize
ReleaseSemaphore
InitializeCriticalSection
CreateSemaphoreA
GetModuleFileNameA
SetEnvironmentVariableA
WriteFile
UnmapViewOfFile
ExitThread
MapViewOfFile
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetFilePointer
GetLocalTime
SetCurrentDirectoryA
SetErrorMode
HeapAlloc
HeapCompact
HeapFree
HeapReAlloc
HeapCreate
lstrcpynA
GetModuleHandleA
GetCurrentProcessId
CompareFileTime
GetFileTime
SystemTimeToFileTime
GetSystemTimeAsFileTime
SetPriorityClass
CreateIoCompletionPort
GetSystemInfo
GetQueuedCompletionStatus
UnlockFile
LockFile
GetEnvironmentVariableA

user32

WaitForInputIdle
DefWindowProcA
DispatchMessageA
KillTimer
GetMessageA
CreateWindowExA
RegisterClassExA
wsprintfA
TranslateMessage
LoadCursorA
LoadIconA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
AppendMenuA
CreatePopupMenu
LoadImageA
PostMessageA

mswsock

GetAcceptExSockaddrs
AcceptEx

Sections

.text
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

07667299f4ba740ab12e2dbbfd5be5ee

Headers

File Characteristics

Imports

ws2_32

print

shell32

crypt32

kernel32

user32

mswsock

Sections

.text Size: 276KB - Virtual size: 276KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 20KB - Virtual size: 40KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 276KB - Virtual size: 276KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 4KB - Virtual size: 4KB