Static task
static1
Behavioral task
behavioral1
Sample
88c106372552e865629dee908fb3d406_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
88c106372552e865629dee908fb3d406_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
88c106372552e865629dee908fb3d406_JaffaCakes118
Size
176KB
MD5
88c106372552e865629dee908fb3d406
SHA1
007c89b935c0dfa704360eef0e6a7b0634a6c0e5
SHA256
f3de096237366d708776ea0149bc7281a613868711cd16029d8f2c0341105a2a
SHA512
d77c97c128b178cce2f582ad992a57a4cd71ef933222179c59f067b03712d9a9daa58d869be0ad360a2f720c7a085726883c6dc8a7bbf220b558d96b1f7dbd77
SSDEEP
3072:lR94GYeHJmMUzOKTLtDmA39nagCPjRX9MAAf3mJvw0LewiGj7WtcZs:l4GrIicmAl98RNfAf3mJo0Kwr7Ds
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 88c106372552e865629dee908fb3d406_JaffaCakes118
Files
88c106372552e865629dee908fb3d406_JaffaCakes118.exe windows:4 windows x86 arch:x86
0ce5f616ad8526077f725c80de4721d3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetDriveTypeA
GetVolumeInformationA
FindClose
LocalFree
LocalAlloc
GetFileSize
SetFilePointer
RemoveDirectoryA
InitializeCriticalSection
lstrcmpiA
CreateFileA
ExitProcess
OpenProcess
GetCurrentProcessId
CopyFileA
GlobalFree
GlobalLock
GlobalAlloc
GetTickCount
GetStartupInfoA
GetCurrentThreadId
GetSystemInfo
OpenEventA
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateDirectoryA
SetStdHandle
FlushFileBuffers
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
HeapSize
DeleteFileA
lstrcatA
GetVersionExA
GetPrivateProfileStringA
lstrcmpA
CancelIo
InterlockedExchange
GetLastError
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
CloseHandle
GetProcAddress
FreeLibrary
SetEvent
LoadLibraryA
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
SetUnhandledExceptionFilter
SetLastError
TlsAlloc
GetVersion
GetCommandLineA
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindFirstFileA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
CreateThread
TlsSetValue
TlsGetValue
ExitThread
user32
GetMessageA
wsprintfA
CharNextA
GetWindowTextA
MessageBoxA
LoadCursorA
SendMessageA
MapVirtualKeyA
TranslateMessage
WindowFromPoint
SetCursorPos
mouse_event
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
DispatchMessageA
SetCapture
IsWindow
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
CloseDesktop
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
DestroyCursor
GetCursorPos
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
advapi32
GetTokenInformation
AdjustTokenPrivileges
RegOpenKeyA
OpenProcessToken
LookupAccountSidA
RegSetValueExA
OpenSCManagerA
DeleteService
CloseServiceHandle
RegCreateKeyExA
RegCloseKey
OpenEventLogA
ClearEventLogA
CloseEventLog
LsaFreeMemory
LsaOpenPolicy
LsaClose
IsValidSid
shell32
SHGetSpecialFolderPathA
ws2_32
WSAStartup
WSACleanup
setsockopt
htons
gethostbyname
socket
recv
select
closesocket
send
inet_ntoa
inet_addr
getsockname
bind
recvfrom
__WSAFDIsSet
wtsapi32
WTSQuerySessionInformationA
WTSFreeMemory
Sections
.text Size: 128KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ