72e2fcae1f136cbf86dc44a452684fcc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72e2fcae1f136cbf86dc44a452684fcc_JaffaCakes118
Size

159KB
MD5

72e2fcae1f136cbf86dc44a452684fcc
SHA1

c2190e2b7c8093d7e0e3d527889e40bbd1957052
SHA256

6ec18ead0fce1b0f84657eb4146151e569a68befbfa3295c3cfda0c47df22560
SHA512

ca622faa5945a4fd6b705d7dfb66cc7ba51960564efe9d97faeb5f3d5500e53b4e35979d93a92e0f01e886e7e310fa8ec93c2367745ff58fb1c512a2a17c8d7e
SSDEEP

3072:/6+jInHGDXls2NUtMZpfTV8D/bKDZO55Xxq:5kHofYMZpb8/bts

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72e2fcae1f136cbf86dc44a452684fcc_JaffaCakes118

Files

72e2fcae1f136cbf86dc44a452684fcc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8ca033362190286b68a1f325726ff4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

ws2_32

htonl
sendto
recv
socket
gethostbyname
setsockopt
connect
send
closesocket
WSAStartup
WSACleanup
htons

kernel32

CreateThread
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateEventA
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
Sleep
FreeLibrary
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetModuleFileNameA
SetEvent
GetModuleHandleA
GetSystemTimeAsFileTime
WaitForSingleObject
TerminateThread
GetExitCodeThread
GetLastError
CreateMutexA
ReleaseMutex
TlsAlloc
TlsGetValue
TlsSetValue
ResetEvent
ResumeThread
GetTickCount
SystemTimeToFileTime
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
RaiseException
RtlUnwind
DeleteFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateProcessA
DuplicateHandle
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetCommandLineA
ExitThread
GetCurrentThreadId
GetModuleHandleW
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ReadFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
GetTimeZoneInformation
DeleteCriticalSection
GetFileAttributesA
SetHandleCount
GetFileType
GetStartupInfoA
CreatePipe
GetExitCodeProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
CreateFileA
InitializeCriticalSectionAndSpinCount

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8ca033362190286b68a1f325726ff4c

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ws2_32

kernel32

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 13KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 13KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 1KB - Virtual size: 1KB