f:\SecurityProg\kgg\ManualMap\ManualMapMainNew\bin\Main.pdb
Static task
static1
Behavioral task
behavioral1
Sample
bbb0be9930f66314cf96369ebb07a069_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bbb0be9930f66314cf96369ebb07a069_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bbb0be9930f66314cf96369ebb07a069_JaffaCakes118
Size: 236KB
MD5: bbb0be9930f66314cf96369ebb07a069
SHA1: c7475c99548eb1d893fe3a541775b1e149909300
SHA256: fdaa6ef8747df00cfb169903e913d723d71a12d85dc3b57d4b6a44806b8b4df6
SHA512: be4c730e870dadb381a7a5d90f826a9426bfa6c56d2b22e2f032db97dc915707fe97de922d91a9db4a49d2df1d5a70dbdc910889e6b0f834c54d8704fe6d861a
SSDEEP: 6144:eNVFyiBVgiklXBnms4DzyP2mGeQ/iUkGe:e7FyiBVqnmZDz+RIe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bbb0be9930f66314cf96369ebb07a069_JaffaCakes118
Files
bbb0be9930f66314cf96369ebb07a069_JaffaCakes118.exe windows:5 windows x86 arch:x86
f5b96233c6407708b718a838577df4bb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
WSAStartup
inet_ntoa
gethostbyname
WSACleanup
gethostname
kernel32
LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateFileA
GetFileSize
Sleep
VirtualFreeEx
CreateRemoteThread
GetCurrentProcess
GetLastError
OpenMutexA
CopyFileA
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
SetFileAttributesA
GetTempFileNameA
GetSystemTime
GetModuleHandleA
GetModuleFileNameA
GetTempPathA
ExitProcess
CreateMutexA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleHandleW
OpenProcess
VirtualAllocEx
VirtualProtect
GetProcAddress
VirtualProtectEx
LoadLibraryExA
Module32Next
Module32First
SizeofResource
LockResource
LoadResource
FindResourceA
FileTimeToSystemTime
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SystemTimeToFileTime
GetLocalTime
GetTickCount
lstrlenA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeA
GetVersionExA
GetSystemInfo
GetConsoleMode
InitializeCriticalSectionAndSpinCount
WriteProcessMemory
GetLocaleInfoA
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStringTypeW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
DeleteFileA
MultiByteToWideChar
HeapAlloc
GetCommandLineA
GetStartupInfoA
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
user32
MessageBoxA
GetKeyState
GetWindowThreadProcessId
GetDesktopWindow
SetWindowsHookExA
SetTimer
GetMessageA
DispatchMessageA
GetKeyboardLayout
MapVirtualKeyExA
GetKeyboardState
ToUnicodeEx
CallNextHookEx
GetForegroundWindow
advapi32
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
LookupPrivilegeValueA
ole32
CoInitialize
CoCreateInstance
oleaut32
VariantClear
SysAllocString
shlwapi
StrStrIA
Sections
.text Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ