Static task: static1
Behavioral task: behavioral1
Sample: b0cc963c2d15e045f84c34df615a5cfa_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b0cc963c2d15e045f84c34df615a5cfa_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b0cc963c2d15e045f84c34df615a5cfa_JaffaCakes118
Size: 87KB
MD5: b0cc963c2d15e045f84c34df615a5cfa
SHA1: cddd7600c77df871a403a1cb6e2798ae92d12b83
SHA256: f8f093159d58603f8d0055e1f60706152a6e42780bc934d87015024a41065f7c
SHA512: 7ac3a479fda144d667ce9983dfb63b09f9f61d4d2c843067705ef6db76b48c986038adfe71b2ba751f9c4272ff8458d3d61f933ba6c46addef30cd0eaec5febd
SSDEEP: 1536:asyUVcqf4bnECyxNaNR7r2TYujud10R1K8LKsHvYu/8l6DebFvz6:GocECyxNaNR7rKjudKhDvYu/8l6DSve
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b0cc963c2d15e045f84c34df615a5cfa_JaffaCakes118
Files
b0cc963c2d15e045f84c34df615a5cfa_JaffaCakes118.exe windows:4 windows x86 arch:x86
721980aba4d3485bfffba592759015d9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateProcessA
ExpandEnvironmentStringsA
GetModuleHandleA
CloseHandle
WriteFile
CreateFileA
GetDriveTypeA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
LoadLibraryA
GetProcAddress
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
EnterCriticalSection
OpenProcess
Module32First
GetComputerNameA
GetLocaleInfoA
GetVersionExA
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateMutexA
GetTempPathA
SetErrorMode
GetLocalTime
TerminateThread
GlobalMemoryStatus
GetLogicalDrives
CompareStringW
CompareStringA
SetEndOfFile
LeaveCriticalSection
ExitThread
GetModuleFileNameA
CreateThread
Sleep
TerminateProcess
GetLastError
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
SetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetSystemTime
GetTimeZoneInformation
user32
FindWindowA
SendMessageA
advapi32
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
shell32
ShellExecuteA
ws2_32
getsockname
connect
WSAStartup
setsockopt
ioctlsocket
htons
WSAAsyncSelect
listen
send
select
__WSAFDIsSet
accept
closesocket
WSACleanup
inet_addr
gethostbyname
gethostbyaddr
inet_ntoa
bind
socket
recv
wininet
InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle
netapi32
NetShareEnum
NetApiBufferFree
NetShareDel
NetShareAdd
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 652KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE