c19f1512aaf10ebc234bb7cf9f5aeae2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c19f1512aaf10ebc234bb7cf9f5aeae2_JaffaCakes118
Size

177KB
MD5

c19f1512aaf10ebc234bb7cf9f5aeae2
SHA1

f01181d1ce6307293576bd5720cc00b0b046d5e1
SHA256

c8fea5955edff37076f0391560170c8137e63ed0b7b21b8a3c02916252bb4f99
SHA512

a3478c24e7564178d94753f7b770b3048f8c7c314100af2a92cd1fe654a057b0f625a5d72321d94ff843845dfe4a8814c84e24ee385648b16267d1ad5ec0cd66
SSDEEP

1536:zMJldLOrI46UWYX5vOyi/ndWURbdzDd24ttmoa0eNQwE8Lho7Ahtn3d:IJldKrI46UbX1On7vo0mXfxSMtn3d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c19f1512aaf10ebc234bb7cf9f5aeae2_JaffaCakes118

Files

c19f1512aaf10ebc234bb7cf9f5aeae2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

937cc96ef3cef8a939703679fde137e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
GetVersionExA
CloseHandle
GetCurrentProcessId
WriteFile
GetLastError
SetLastError
GetProcAddress
LoadLibraryA
GetCurrentDirectoryA
GetFileSize
lstrcmpA
SetFilePointer
Process32First
GlobalLock
OpenProcess
GlobalAlloc
TerminateThread
Sleep
CreateSemaphoreA
TerminateProcess
ReadFile
GlobalUnlock
SetCurrentDirectoryA
FindFirstFileA
SetFileAttributesA
GlobalFree
FindClose
Process32Next
FindNextFileA
CreateToolhelp32Snapshot
DeleteFileA
CreateThread
MapViewOfFile
FlushViewOfFile
CopyFileA
CreateFileMappingA
GetDiskFreeSpaceA
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
GetWindowsDirectoryA
CreateProcessA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
GetTickCount
CreateFileA
CreateDirectoryA
RaiseException
GetCurrentProcess
UnmapViewOfFile
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
HeapSize
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
ExitProcess
GetModuleHandleA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA

user32

mouse_event
LoadCursorA
FindWindowA
UpdateWindow
IsWindowVisible
DispatchMessageA
PostMessageA
EnumChildWindows
GetCursorPos
DefWindowProcA
RegisterClassA
SetCursorPos
GetWindowTextA
TranslateMessage
IsWindowEnabled
LoadIconA
GetWindowRect
SetTimer
GetClassNameA
GetMessageA
DestroyWindow
CreateWindowExA
CreateDesktopA
CloseDesktop
SetWindowPos
ShowWindow
SetThreadDesktop

gdi32

GetStockObject

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

shell32

ShellExecuteA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetOpenA
InternetReadFile

ws2_32

send
connect
gethostbyname
closesocket
socket
recv
WSACleanup
htons
inet_addr
WSAStartup
inet_ntoa

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

937cc96ef3cef8a939703679fde137e7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wininet

ws2_32

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 50KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 50KB

.rsrc
Size: 1KB - Virtual size: 1KB