ab2c9a48a061ab528ff75bb64e5461d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab2c9a48a061ab528ff75bb64e5461d6_JaffaCakes118
Size

160KB
MD5

ab2c9a48a061ab528ff75bb64e5461d6
SHA1

100f7d64b948640878e63ebbc6571a24da58f636
SHA256

3c21a10a81fa1feaa6d16fbca633965770ea057f5380556708242d791aa1d96c
SHA512

b7641ca07cfff4e76b519bf72efc958e56a19dccb9910d471ba5219a33ce9138ec641c3af7c8e4c638e2dda771e2aeefb2931bc1d27114a1794e125d963607f3
SSDEEP

3072:rIKk4FbYwsaF6171n1ab+2G3pFVbWvMeD8uboH7Nbk:rIKMaF6171n1aQFmzwuC7G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab2c9a48a061ab528ff75bb64e5461d6_JaffaCakes118

Files

ab2c9a48a061ab528ff75bb64e5461d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4399b87b019905817e0ff4eae99b286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

getsockname
inet_addr
accept
listen
bind
WSACleanup
gethostname
getpeername
__WSAFDIsSet
shutdown
closesocket
socket
htons
htonl
connect
sendto
select
recvfrom
inet_ntoa
getsockopt
WSAGetLastError
WSAStartup
recv
send
ioctlsocket
gethostbyname

kernel32

LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetFileType
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetLocalTime
GetTickCount
ReadFile
GetFileSize
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
GetModuleFileNameA
CopyFileA
TerminateThread
GetCurrentProcessId
ExitProcess
GetSystemDefaultLangID
GetComputerNameA
SetThreadPriority
GetThreadPriority
GetCurrentThread
SetPriorityClass
GetPriorityClass
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
CreateProcessA
GetLastError
CreateMutexA
ReleaseMutex
WriteFile
ExpandEnvironmentStringsA
GetShortPathNameA
GetTempPathA
GetSystemDirectoryA
GetLocaleInfoA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
CreateFileA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA

user32

GetDC
CharToOemA
ReleaseDC

gdi32

GetDeviceCaps

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
GetUserNameA

wininet

InternetReadFile
InternetGetConnectedState
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA

winmm

timeSetEvent
timeBeginPeriod
timeKillEvent
timeEndPeriod

mpr

WNetOpenEnumA
WNetAddConnection2A
WNetCancelConnectionA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4399b87b019905817e0ff4eae99b286

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

wininet

winmm

mpr

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 32KB - Virtual size: 121KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 232B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 32KB - Virtual size: 121KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 232B

.reloc
Size: 12KB - Virtual size: 8KB