b0f05f4d5a999f6187c2f3dc431f4c81_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b0f05f4d5a999f6187c2f3dc431f4c81_JaffaCakes118
Size

236KB
MD5

b0f05f4d5a999f6187c2f3dc431f4c81
SHA1

d4171ef2287870ff273aa5c1bf592764c65fed35
SHA256

4815c65893725a0d3f4277f0373e085479187eedd3133206e781deacfde32eed
SHA512

2661d1bdf2c7ab4525452c53d6563cde0c6a827e0f4f92ef45d7b670075fbdea70128d76419c5207f18e1cb00d82cad91b8836f1277fdff5bdda130633f7f7fb
SSDEEP

3072:Ou/XjQo5DjdzR7fUXNl1Eiiw5zjJECe2jMeV9IIXoFXJk96:OUjQCvTsleiiw5ztVvwk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0f05f4d5a999f6187c2f3dc431f4c81_JaffaCakes118

Files

b0f05f4d5a999f6187c2f3dc431f4c81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41d48adc40f1fdecfc13e1b743247b8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetVersionExW
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetTickCount
GetTimeZoneInformation
SetEndOfFile
GetModuleFileNameW
RemoveDirectoryW
GetLastError
ReleaseMutex
GetLocalTime
GetSystemDirectoryW
GetSystemTime
GetCurrentThread
GetComputerNameW
GetTempFileNameW
GetTempPathW
GetCurrentDirectoryW
CompareFileTime
GetFileTime
SetEnvironmentVariableW
ExpandEnvironmentStringsW
ExitProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentProcess
HeapAlloc
HeapFree
GetVersion
GetFileAttributesW
MoveFileExW
GetWindowsDirectoryW
GetShortPathNameW
MoveFileW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
CopyFileW
CreateDirectoryW
GetProcAddress
GetPrivateProfileIntW
SetFileAttributesW
ReadFile
SetFilePointer
Sleep
ExpandEnvironmentStringsA
MultiByteToWideChar
WideCharToMultiByte
FindFirstFileW
FindNextFileW
FindClose
GetFileSize
DeleteFileW
CreateFileW
CloseHandle
WaitForSingleObject
CreateMutexW
WriteFile
HeapReAlloc
RaiseException
GetStringTypeW
GetStringTypeA
GetStdHandle
SetHandleCount
TerminateProcess
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentVariableA
UnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetFileType
GetModuleFileNameA
GetCommandLineA
GetStartupInfoA

user32

LoadStringW
MessageBoxA
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
ExitWindowsEx
MessageBoxW
LoadStringA

gdi32

GetDeviceCaps
DeleteDC
CreateICW

advapi32

RegCloseKey
RegOpenKeyExW
OpenThreadToken
OpenProcessToken
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wsock32

gethostbyname
closesocket
htons
setsockopt
WSAStartup
ioctlsocket
socket
WSAGetLastError
WSASetLastError
inet_ntoa
connect
select
__WSAFDIsSet
WSACleanup
recv
send

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41d48adc40f1fdecfc13e1b743247b8d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

wsock32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 28KB - Virtual size: 44KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 28KB - Virtual size: 44KB

.rsrc
Size: 8KB - Virtual size: 5KB