Static task: static1
Behavioral task: behavioral1
Sample: 87ad835738826646482722c7031582d0_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 87ad835738826646482722c7031582d0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 87ad835738826646482722c7031582d0_JaffaCakes118
Size: 244KB
MD5: 87ad835738826646482722c7031582d0
SHA1: e12aa7a9f2f0a1ccdad2328f03c7bb657229abf6
SHA256: 70442a63bf3f5db40f69984dd942c84597b8f16bf6fc29988a04b43437a9ca0e
SHA512: 59e9e391e6cdd51580b3a98f2654a3a2a254b0c4a38d9a5e3be71e6bcba8a0ca0bce14483835c5a300197aaeda91f3b20d0596b0854466c2760253c2841c234b
SSDEEP: 3072:FOZxw49PhO3WO715eYhKTZSZZlVvJ8IxvMiZehk6VPAggjwVlxWGYtL:kw49pOmYB8NCZXJ6S7UVXC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 87ad835738826646482722c7031582d0_JaffaCakes118
Files
87ad835738826646482722c7031582d0_JaffaCakes118.exe windows:4 windows x86 arch:x86
fad75a8ae1b124c3c73a36d6e24cc7fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstFileA
GetFileSize
CreateFileA
MoveFileA
DeleteFileA
GetModuleFileNameA
FlushFileBuffers
WriteFile
SetFilePointer
GetSystemDirectoryA
CreateEventA
Sleep
CreateThread
GetModuleHandleA
GetCurrentProcess
ReleaseMutex
CreateMutexA
WinExec
GetCurrentDirectoryA
lstrlenA
GetSystemDefaultLangID
GetCurrentProcessId
FileTimeToSystemTime
CompareStringW
CompareStringA
SetEndOfFile
CreateFileW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FindNextFileA
GetLogicalDriveStringsA
ResetEvent
SetEvent
FindClose
CopyFileA
lstrcpyA
lstrcatA
GetStdHandle
CreatePipe
SetStdHandle
GetStartupInfoA
CreateProcessA
ReadFile
GetLastError
WaitForSingleObject
SetFileAttributesA
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
SetEnvironmentVariableA
FreeEnvironmentStringsA
HeapSize
LoadLibraryA
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetProcAddress
ExitProcess
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
user32
DispatchMessageA
PeekMessageA
DefWindowProcA
GetMessageA
CreateWindowExA
RegisterClassA
GetSystemMetrics
wsprintfA
TranslateMessage
EnumChildWindows
keybd_event
GetWindowTextA
GetClassNameA
mouse_event
GetWindowInfo
FindWindowExA
GetCursorPos
SetTimer
KillTimer
EnumWindows
PostMessageA
SetCursorPos
gdi32
CreateDCA
CreateDIBSection
CreateCompatibleDC
SelectObject
SetStretchBltMode
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
advapi32
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
shlwapi
PathFileExistsA
ws2_32
WSASetLastError
inet_ntoa
gethostbyname
gethostname
WSASocketA
connect
htons
WSAGetOverlappedResult
closesocket
WSAGetLastError
WSARecv
WSASend
setsockopt
recvfrom
sendto
bind
socket
WSAStartup
Sections
.text Size: 204KB - Virtual size: 202KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE