b365b9ee11669e5b97ccb596b7a9b561_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b365b9ee11669e5b97ccb596b7a9b561_JaffaCakes118
Size

180KB
MD5

b365b9ee11669e5b97ccb596b7a9b561
SHA1

a0fca7bb6384ff176a335a3846c68b6bdfadea5c
SHA256

6bd691695c0661e5beb70beaf99f6063b766d3848131787b7f1fb73a6332b455
SHA512

e54713c08429de17f92a72ef2492aa5bcf2817edc4b91b30b74d06a741351ea27fd0d133a9b13fa8e3520116adef30d97f8efc5c765563bc4e17152b1dacfa47
SSDEEP

3072:PttBzuvqSCDTyjNHxqXzoNNtu5tM2H6xqA8pEsoLqwsba2KTs4Yc5d:ltBzuvq7D8dc+Nj2H6xqA8CvnNYc5d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b365b9ee11669e5b97ccb596b7a9b561_JaffaCakes118

Files

b365b9ee11669e5b97ccb596b7a9b561_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77dd2e5c06e3209c89b5772022369d74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
WriteFile
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryA
Sleep
GetLastError
CompareStringW
CompareStringA
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
CloseHandle
OpenProcess
TerminateProcess
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
DeleteFileA
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

DispatchMessageA
TranslateMessage
GetMessageA
GetWindowThreadProcessId
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
SetTimer

advapi32

CreateServiceA
CloseServiceHandle
StartServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenSCManagerA

ws2_32

connect
htons
socket
gethostbyname
gethostname
closesocket
recv
send
WSACleanup
WSAStartup

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77dd2e5c06e3209c89b5772022369d74

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 52KB - Virtual size: 51KB