a026638a7f6c10a86f7abf3367f6bea0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a026638a7f6c10a86f7abf3367f6bea0_JaffaCakes118
Size

88KB
MD5

a026638a7f6c10a86f7abf3367f6bea0
SHA1

3ab32d73af32a748e6e3391d1d0c62c91bc6b6d8
SHA256

7e1845e1c98e7cb681070fd97f1dc3d6b0a8f41f3607f78062cebe7a0f5dca93
SHA512

89e378a414be346f28586449120fdcf1d1fb1dc476bbcc2faab62b2764601652e95bb7e3fbbce2d019de15868d0b39f3eda74dd7a681f257c25020f31b9f5595
SSDEEP

1536:4fbvBc1VtsDdZ+6RGUXszpK//mcnmaNHnM/5hPqp96hogR9IJxofnJvqp:ENMUXOpKGcnma+x+9NgR9IJxofnJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a026638a7f6c10a86f7abf3367f6bea0_JaffaCakes118

Files

a026638a7f6c10a86f7abf3367f6bea0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69b8be6f07fa623c9903d1e001f02efd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

shutdown
inet_ntoa
ioctlsocket
ntohl
htonl
getsockname
gethostbyname
WSAStartup
select
inet_addr
connect
send
recv
closesocket
htons
socket
setsockopt
bind
listen
accept
WSACleanup

shell32

ShellExecuteA

advapi32

RegQueryValueExA
RegDeleteValueA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA

kernel32

FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
LCMapStringA
FreeEnvironmentStringsA
UnhandledExceptionFilter
RaiseException
SetFilePointer
GetFileType
GetStdHandle
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
CompareStringA
CompareStringW
FreeEnvironmentStringsW
CreateMutexA
SetHandleCount
HeapReAlloc
VirtualAlloc
CloseHandle
GetCurrentProcess
FindClose
FindFirstFileA
DeleteFileA
SetFileAttributesA
TerminateProcess
OpenProcess
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
ExitProcess
CreateProcessA
ExitThread
CreateThread
GetModuleFileNameA
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
WaitForSingleObject
SetEnvironmentVariableA
SetErrorMode
GetTickCount
GetTempPathA
GetLastError
CreateDirectoryA
GetVersionExA
TerminateThread
ExpandEnvironmentStringsA
GetFileAttributesA
LoadLibraryA
GetProcAddress
CreateEventA
ReadFile
CopyFileA
MultiByteToWideChar
SetFileTime
GetFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime

user32

CharLowerA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69b8be6f07fa623c9903d1e001f02efd

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

wininet

kernel32

user32

version

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 21KB - Virtual size: 35KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 21KB - Virtual size: 35KB

.rsrc
Size: 512B - Virtual size: 16B