a120bc604f6e57a53be27861295b2dea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a120bc604f6e57a53be27861295b2dea_JaffaCakes118
Size

26KB
MD5

a120bc604f6e57a53be27861295b2dea
SHA1

006b7156c6e41955f82ff53a293f61a3d18b41f0
SHA256

838dca39f4978fc791a63933b33423b78f562ce54118eba00f30cca1f232e3d4
SHA512

5d5849c94f2bd42e688f28ba3e0d3b07bf233176cfc616545354e91f0eee5ed28e57a2a6c6db24f896cb8b00385a7e8154943c87bd44ae0fb398b2bc14d36859
SSDEEP

384:Z5KAnNCjQUBq17ew50P0wzFhUMXyIGNLYvbmCBydDC6+zzu3K+MDnjYE0WMszYYa:Zln8jQ+krYLByIyMNmWzCMO87boR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a120bc604f6e57a53be27861295b2dea_JaffaCakes118

Files

a120bc604f6e57a53be27861295b2dea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

534246cd3425857a8803447b8da4791b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
GetSystemDirectoryA
SetFileAttributesA
GetCurrentProcessId
SleepEx
HeapAlloc
GetProcessHeap
GetWindowsDirectoryA
CreateThread
MoveFileExA
ResumeThread
SetPriorityClass
Process32Next
GlobalMemoryStatus
CreateToolhelp32Snapshot
CreateMutexA
CopyFileA
CreateDirectoryA
DeleteFileA
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
lstrcpyA
lstrcatA
CreateFileA
WriteFile
WinExec
ExitProcess
GetLastError
Sleep
GetVersionExA
GetCurrentProcess
UnmapViewOfFile
CloseHandle
MapViewOfFile
LocalFree
FreeLibrary
LoadLibraryA
GetProcAddress
Process32First

user32

wsprintfA
PostQuitMessage
ExitWindowsEx
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
RegisterClassA

advapi32

QueryServiceStatus
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
SetServiceStatus
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
StartServiceA
CreateServiceA
DeleteService
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
ChangeServiceConfigA

ws2_32

htonl
htons
inet_addr
gethostbyname
setsockopt
WSASocketA
WSAStartup
connect
socket
closesocket
recv
send
WSAAsyncSelect
WSAGetLastError
WSACleanup
sendto

msvcr71

malloc
_itoa
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_stricmp
printf
atoi
rand
strncpy
strcspn
strstr
sprintf
_strlwr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

534246cd3425857a8803447b8da4791b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

msvcr71

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 924B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 924B