8797c30816461c9204abe628ba4a4c64_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8797c30816461c9204abe628ba4a4c64_JaffaCakes118
Size

92KB
MD5

8797c30816461c9204abe628ba4a4c64
SHA1

5d2fd2f7635102d017fcf92d37afe56c7a0f4d10
SHA256

1dcefb11a34aab4aa68f563e898a1919d990e93a38f8062fa897674cd3be469b
SHA512

43f4174c44f14a48d47b9fbdfee8fb3589ac22d43d618a700613ab721e98c5ea702d746267d574ff1deb6d67fab92243a181dc3a7ecb65954ff1fa8669175acd
SSDEEP

1536:pVU75+YSyiqLoiPZ+1MYu6vyfUzdOcBUTCQmsWXZAg2Htv5dr:pu7fuCYUMhBDQWArtvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8797c30816461c9204abe628ba4a4c64_JaffaCakes118

Files

8797c30816461c9204abe628ba4a4c64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b78d3c8bf0362698b88644b777af5d9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recv
send
gethostbyname
WSAStartup
inet_ntoa
ntohl
socket
connect
closesocket

kernel32

SystemTimeToFileTime
GetLocalTime
GetLastError
TerminateProcess
Sleep
CloseHandle
WriteFile
ReadFile
WaitForSingleObjectEx
CreateProcessA
CompareFileTime
SetFileTime
GetFileTime
CreateFileA
CopyFileA
GetModuleFileNameA
SetEvent
CreateEventA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
CreatePipe
HeapDestroy
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
RaiseException
GetLocaleInfoA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetProcAddress
GetModuleHandleA
ExitProcess
RtlUnwind
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
WideCharToMultiByte
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapSize

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
CloseServiceHandle
GetUserNameA
StartServiceCtrlDispatcherA

shell32

ord680
SHGetFolderPathA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b78d3c8bf0362698b88644b777af5d9e

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

shell32

ole32

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 176B