86df6ccb53afd466fe53274653805513_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86df6ccb53afd466fe53274653805513_JaffaCakes118
Size

560KB
MD5

86df6ccb53afd466fe53274653805513
SHA1

5c1407cf007d59e2e25436098cf33ec72aeec9a8
SHA256

99c02b5c5cc5649eb92ba4cd7f6916fa32be78bd00092d0e0120933b98ff47ec
SHA512

0575ecd3758f407734f6ef3a630fba3ef09b2f295410245a433bf5bee5a4f3acab39ec508ce87ce67aef311ce49d7a1de5ea9980adca7457f6d7f22ad89b16bd
SSDEEP

6144:FsxusiUhwyDZkWjq6NfFxvylweZCIgpK1CljRwc:qHhwyDZe6Ndxvyf1ClR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86df6ccb53afd466fe53274653805513_JaffaCakes118

Files

86df6ccb53afd466fe53274653805513_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9267e8a1078998160b3d87dc64cd832f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

ws2_32

connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
inet_addr
bind
listen
accept
closesocket
recv
socket
send
select
__WSAFDIsSet
htons

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetCurrentProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
LCMapStringW
Sleep
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WriteFile
WaitForSingleObject
CreateEventA
ReadFile
CloseHandle
CreateFileA
DeleteFileA
CreateProcessA
OpenProcess
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleHandleA
GetSystemDirectoryA
ExitProcess
CreateMutexA
MoveFileA
GetTempPathA
FormatMessageA
GlobalUnlock
GlobalLock
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
TerminateProcess
TransactNamedPipe
LoadLibraryA
GetProcAddress
MultiByteToWideChar
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
GetComputerNameA
GetLocaleInfoA
GetVersionExA
TerminateThread
HeapAlloc
HeapFree
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
RaiseException
HeapSize
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
LCMapStringA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9267e8a1078998160b3d87dc64cd832f

Headers

File Characteristics

Imports

user32

ws2_32

version

kernel32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 316KB - Virtual size: 316KB

.sxdata Size: 4KB - Virtual size: 4KB

.pklstb Size: 92KB - Virtual size: 92KB

.relo2 Size: 4KB - Virtual size: 4KB

Size: 12KB - Virtual size: 12KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 316KB - Virtual size: 316KB

.sxdata
Size: 4KB - Virtual size: 4KB

.pklstb
Size: 92KB - Virtual size: 92KB

.relo2
Size: 4KB - Virtual size: 4KB