b2eaead59309062c279dfd2bc7a50a71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2eaead59309062c279dfd2bc7a50a71_JaffaCakes118
Size

74KB
MD5

b2eaead59309062c279dfd2bc7a50a71
SHA1

dd604fefd19a8d3a75e91cd20919c907fa0313c3
SHA256

19a55dd294837fca5762cc43ac4eeb7fad145676c5b8b5e31a6faa389760de2a
SHA512

708261e48367dac2e72e02f4fbe25722ac1e102bcbc0b42ad58451adf9cf57827f25839cab2523fc089b5a9169b13fb97a95f467f326fe4a0b380fe9f82fa556
SSDEEP

1536:7mCdOPXuo2mJ54bxsMXM+AoLlJ5UfqlXNlK:7QRZT4bxsMcJQJ5Ufqld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2eaead59309062c279dfd2bc7a50a71_JaffaCakes118

Files

b2eaead59309062c279dfd2bc7a50a71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baf70ca540bf2dde05630da34980a215

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
Module32Next
Module32First
FreeLibrary
Process32First
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetPriorityClass
OpenProcess
OpenFileMappingA
GetTempPathA
GetLastError
CreateFileMappingA
UnmapViewOfFile
GetCurrentProcess
GetTempFileNameA
MapViewOfFile
TerminateProcess
lstrcmpA
CreateThread
GetVolumeInformationA
GetModuleHandleA
Process32Next
GetVersionExA
GetComputerNameA
GetSystemDefaultLCID
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetDriveTypeA
GetLogicalDriveStringsA
GetLogicalDrives
SetComputerNameA
GetLocalTime
GetTickCount
SetLocalTime
GetWindowsDirectoryA
GetSystemDirectoryA
CopyFileA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
WriteFile
SetEndOfFile
CloseHandle
CreateProcessA
WaitForSingleObject
DeleteFileA
GetModuleFileNameA
GlobalMemoryStatus
GetSystemInfo
Beep
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
FlushFileBuffers
GetTimeZoneInformation
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetOEMCP
GetACP
WideCharToMultiByte
HeapFree
Sleep
GetCPInfo
HeapAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
MoveFileA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
RtlUnwind
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
VirtualAlloc
GetStringTypeW

user32

SendMessageA
MessageBoxA
SetTimer
MapVirtualKeyA
PostMessageA
GetWindowThreadProcessId
keybd_event
EnumWindows
wsprintfA
LoadStringA
SetCursorPos
mouse_event
DefWindowProcA
EnumDisplaySettingsA
PostQuitMessage
ReleaseDC
DrawTextA
SetRect
GetClientRect
LoadIconA
RegisterClassA
GetMessageA
ShowWindow
UpdateWindow
GetClassNameA
TranslateMessage
DispatchMessageA
GetCursorPos
KillTimer
ExitWindowsEx
GetDesktopWindow
GetDC
CreateWindowExA

gdi32

CreateDCA
SelectObject
GetStockObject
CreateCompatibleDC
DeleteDC

advapi32

RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
GetUserNameA

shell32

ShellExecuteA

ws2_32

recv
closesocket
socket
WSAAsyncSelect
htons
connect
WSACleanup
WSAStartup
gethostname
gethostbyname
inet_ntoa
send
WSAGetLastError

wininet

InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

shlwapi

SHDeleteValueA
SHCopyKeyA
SHDeleteKeyA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baf70ca540bf2dde05630da34980a215

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

wininet

shlwapi

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB