a017be59b27b7856448c9b89f9db0941_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a017be59b27b7856448c9b89f9db0941_JaffaCakes118
Size

102KB
MD5

a017be59b27b7856448c9b89f9db0941
SHA1

121dd8d9d7dab6ea1f4d25d1a97f8f654cf377af
SHA256

2368d48be5d947d3f975427d5818424e4e5e5a8fa235271866365ae99f37c634
SHA512

935e36f59a7c89377ce8e29e15569c9728aa69ea00e0d3cae583a149447af6071ddb56f127faadc65c973b08c1db55b44bfb8a428b6f79efc6816834f3a0b478
SSDEEP

3072:Ude7s61lZWsQu4vEkS1IatCTrMly6fPKM/h:U47s6RBQuzDIH/6fP9h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a017be59b27b7856448c9b89f9db0941_JaffaCakes118

Files

a017be59b27b7856448c9b89f9db0941_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7250d5efc8f5fced5c4629fb9d50b66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
LoadLibraryA
GetProcAddress
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
MultiByteToWideChar
WideCharToMultiByte
TerminateProcess
OpenProcess
GetComputerNameA
GetLocaleInfoA
GetVersionExA
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetModuleHandleA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateMutexA
GetTempPathA
SetErrorMode
GetLocalTime
TerminateThread
GlobalMemoryStatus
GetDriveTypeA
GetLogicalDrives
GetVersion
LocalFree
FormatMessageA
DeviceIoControl
GetCurrentDirectoryA
CompareStringW
CompareStringA
SetEndOfFile
ExpandEnvironmentStringsA
CreateProcessA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetTickCount
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetModuleFileNameA
CreateThread
Sleep
GetFileAttributesA
GetLastError
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetEnvironmentVariableA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
ReadFile
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetCurrentProcess
HeapAlloc
HeapFree
GetSystemTime
GetTimeZoneInformation

user32

SendMessageA
wsprintfA
FindWindowA

advapi32

OpenSCManagerA
CreateServiceA
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyExA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
StartServiceA

shell32

ShellExecuteA

ws2_32

setsockopt
bind
WSAStartup
__WSAFDIsSet
accept
WSACleanup
gethostbyname
recv
send
inet_addr
htons
ioctlsocket
connect
select
closesocket
ntohl
htonl
inet_ntoa
getsockname
WSAAsyncSelect
gethostbyaddr
listen
socket

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetConnectA
InternetCrackUrlA
HttpOpenRequestA
InternetOpenUrlA

netapi32

NetShareAdd
NetShareDel
NetApiBufferFree
NetShareEnum

shlwapi

PathStripPathA

Sections

Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7250d5efc8f5fced5c4629fb9d50b66

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

netapi32

shlwapi

Sections

Size: 748KB - Virtual size: 748KB

.rsrc Size: 4KB - Virtual size: 4KB

.avp Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB

.avp
Size: 8KB - Virtual size: 8KB