b5b233416869b263d0b758b499d5dc40_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5b233416869b263d0b758b499d5dc40_JaffaCakes118
Size

176KB
MD5

b5b233416869b263d0b758b499d5dc40
SHA1

c9f6cfca5201e4dce860ee945710c14ff554bc49
SHA256

ce972ac0945da5ff15fad2754056329354570b837810388730e26631b100bd8c
SHA512

e677e04428129103d0ea85f078cd64d377faf53216467cb6ad2aea67151ec8aa65e273fca79d6d149b50a0ab78be4db7d879ec3c18330e154d54f8751ff355c7
SSDEEP

1536:ApdiZ0nbZxEWUx1qMb0pkTsUpAIvtOngVqNDsG16FSFEBCybq5gqgh97qJWoQIAY:ALIsYWUXqM2hUTFSqyY0a8yznoWoQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5b233416869b263d0b758b499d5dc40_JaffaCakes118

Files

b5b233416869b263d0b758b499d5dc40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc074044672b5cb6eaba181a669527ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
GetTickCount
SetComputerNameA
ReadFile
PeekNamedPipe
FindFirstFileA
CreatePipe
CreateDirectoryA
RemoveDirectoryA
MoveFileA
WideCharToMultiByte
TerminateProcess
WinExec
TerminateThread
GetStartupInfoA
GetProcessHeap
HeapAlloc
LoadLibraryA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDriveTypeA
GetDiskFreeSpaceA
GlobalMemoryStatus
GetProcessVersion
GetVersionExA
GetComputerNameA
GetSystemInfo
CreateProcessA
GetLastError
FormatMessageA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
Process32Next
CreateToolhelp32Snapshot
Process32First
MultiByteToWideChar
OpenProcess
HeapFree
SetThreadPriority
ExitThread
CreateThread
GetModuleFileNameA
DeleteFileA
GetWindowsDirectoryA
CloseHandle
CopyFileA
GetCurrentProcess
FindClose
FindNextFileA
Sleep
GetEnvironmentStrings
ExitProcess
SetCurrentDirectoryA
SetEndOfFile
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
RtlUnwind
GetEnvironmentStringsW
Beep
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetSystemTime
GetTimeZoneInformation
GetLocalTime
GetFullPathNameA
GetCurrentDirectoryA

user32

GetWindow
IsWindowVisible
FindWindowA
wsprintfA
GetSystemMetrics
DialogBoxParamA
SetDlgItemTextA
SetWindowsHookExA
ShowWindow
GetDesktopWindow
MessageBoxA
SetCursorPos
keybd_event
UnhookWindowsHookEx
ExitWindowsEx
EndDialog
GetDlgItemTextA
OpenClipboard
GetClipboardData
GetWindowTextA
CloseClipboard

gdi32

CreateDCA
DeleteDC
CreateDIBSection
CreateCompatibleDC
BitBlt
GetDIBColorTable
SelectObject
GetDeviceCaps
DeleteObject

advapi32

CloseEventLog
ReportEventA
DeregisterEventSource
RegisterEventSourceA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
OpenSCManagerA
ClearEventLogA
ReadEventLogA
OpenEventLogA
GetUserNameA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
CloseServiceHandle
EnumServicesStatusA
QueryServiceStatus
StartServiceA
OpenServiceA
ControlService
DeleteService
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameA

wsock32

gethostbyname
listen
bind
socket
closesocket
recv
inet_addr
WSAGetLastError
recvfrom
WSACleanup
accept
ntohs
htons
connect
WSAStartup
send

wininet

FtpGetFileA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetConnectA
InternetOpenA
FtpPutFileA

netapi32

NetShareEnum
NetUserGetInfo
NetLocalGroupGetMembers
NetLocalGroupEnum
NetServerEnum
NetShareDel
NetShareAdd
NetApiBufferFree

ws2_32

WSASocketA
WSAIoctl

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc074044672b5cb6eaba181a669527ec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wsock32

wininet

netapi32

ws2_32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 36KB - Virtual size: 49KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 36KB - Virtual size: 49KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 6KB