Static task: static1
Behavioral task: behavioral1
  Sample: ba7d999d1c7b14d7ea9b6c9ef55bf923_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: ba7d999d1c7b14d7ea9b6c9ef55bf923_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: ba7d999d1c7b14d7ea9b6c9ef55bf923_JaffaCakes118
Size: 1.1MB
MD5: ba7d999d1c7b14d7ea9b6c9ef55bf923
SHA1: 91e691e292086c76bf9b8e08b061a61b211313ee
SHA256: 9f9a36f4dc17084679aed915ed12165f4a230849584f592d8067541ba0ae21dc
SHA512: 1329e22d6186a4e1c94a94ceda6e21e838748e27e2f5bbb997c7ca3e1393114f11d14b01ab0134d62450b6326365e52b38d53c0627271a4a73091e35c46cd165
SSDEEP: 24576:lSO7nDJaueI/kB9kSkzdCnNOcl8Feqqa0OBS+n7h5vs8GN5RLSk:D7nVaueI/kB9kcnqmOBp95vs8o
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: ba7d999d1c7b14d7ea9b6c9ef55bf923_JaffaCakes118
Files
ba7d999d1c7b14d7ea9b6c9ef55bf923_JaffaCakes118.exe | windows:4 | windows x86 | arch:x86
b29b854c1e4a2f9f82a5097b0b088407
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetHandleInformation
ReleaseMutex
GetLastError
CreateMutexA
GetTickCount
GetProcessTimes
GetCurrentProcess
GetModuleHandleA
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
SetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateFileA
ReadFile
WriteFile
DeviceIoControl
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
GetFullPathNameA
HeapFree
DeleteFileA
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
DuplicateHandle
GetFileType
CreateFileW
GetDriveTypeW
MoveFileA
MoveFileW
GetFileAttributesW
DeleteFileW
ExitThread
ResumeThread
CreateThread
DeleteCriticalSection
FatalAppExitA
VirtualProtect
GetSystemInfo
GetEnvironmentVariableA
HeapDestroy
SetErrorMode
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
SetFilePointer
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
RtlUnwind
GetTimeZoneInformation
FlushFileBuffers
LCMapStringA
LCMapStringW
SetStdHandle
CreatePipe
GetExitCodeProcess
SetEndOfFile
GetFullPathNameW
SetEnvironmentVariableW
GetStringTypeA
GetStringTypeW
CompareStringA
GetCPInfo
CompareStringW
GetACP
GetOEMCP
InitializeCriticalSection
InterlockedExchange
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetCurrentDirectoryW
GetLocaleInfoW
LocalFileTimeToFileTime
SetFileTime
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
UnlockFile
LockFile
ReleaseSemaphore
CreateSemaphoreA
SetConsoleTitleA
HeapCreate
GetEnvironmentVariableW
SetEvent
CreateEventA
ResetEvent
WaitForSingleObject
CloseHandle
Sleep
GetWindowsDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualQuery
GetVersion
SystemTimeToFileTime
user32
DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetClientRect
ScreenToClient
MoveWindow
ShowWindow
SetWindowTextA
SetFocus
GetFocus
GetParent
EndDialog
MessageBoxA
GetActiveWindow
GetDlgItemTextA
GetDlgItemTextW
EnableWindow
GetWindowRect
GetDlgItem
SendMessageA
GetWindowLongA
MessageBeep
SetDlgItemTextA
GetSystemMetrics
netapi32
Netbios
advapi32
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
GetUserNameA
GetUserNameW
RegEnumKeyExA
RegisterEventSourceA
DeregisterEventSource
ReportEventA
RegDeleteValueA
comdlg32
GetOpenFileNameA
comctl32
ord17
wsock32
WSAGetLastError
WSACleanup
__WSAFDIsSet
select
connect
socket
htons
getprotobyname
recv
send
inet_ntoa
setsockopt
ntohs
inet_addr
gethostbyaddr
gethostbyname
htonl
ntohl
gethostname
closesocket
ioctlsocket
accept
getsockname
listen
bind
getservbyname
WSAStartup
Sections
.text Size: 948KB - Virtual size: 948KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_TEXT_HA Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE