cea285a90dcd1414c084a579e4a6788c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cea285a90dcd1414c084a579e4a6788c_JaffaCakes118
Size

54KB
MD5

cea285a90dcd1414c084a579e4a6788c
SHA1

bd7a3563465b243f56e96502c4fb41895885f76e
SHA256

0b6440c1254171511c69b667449939a167396e5f7ea62d8cc069b78f3115eec0
SHA512

e133f25af66fe3fb14ef30c9cd141368b45f6094ab671578adf8af47244eed021d754e751e87dd8494ca06241a5ede0489479005482412cd3460e6270a43c90b
SSDEEP

768:P4zmvAIRchzmdazFf2o/h1t5KqTZHrT0mmwA4Pop479mTeDImSeoAxBd:P4tKc9FzFuo/qoHrCwA28MnNoAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cea285a90dcd1414c084a579e4a6788c_JaffaCakes118

Files

cea285a90dcd1414c084a579e4a6788c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36dc94bfbd036f54609011cbae726dc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrlenA
lstrcpynA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
WriteFile
Sleep
ResumeThread
CreateThread
CreateFileA
ReadFile
GetFileSize
WaitForSingleObject
lstrcmpA
GetDiskFreeSpaceA
GetDriveTypeA
GlobalMemoryStatus
GetVersionExA
GetSystemInfo
GetComputerNameA
MultiByteToWideChar
SetPriorityClass
GetCurrentProcess
SetThreadPriority
GetCurrentThread
GetProcAddress
LoadLibraryA
FindFirstFileA
GetSystemDirectoryA
GetWindowsDirectoryA
SetFilePointer
GetFileAttributesA
SetFileTime
SetEndOfFile
UnmapViewOfFile
FlushViewOfFile
lstrcmpiA
IsBadCodePtr
MapViewOfFile
CreateFileMappingA
GetFileTime
SetFileAttributesA
DuplicateHandle
CreateProcessA
CopyFileA
GetFullPathNameA
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
ReleaseMutex
LCMapStringA
GetOEMCP
LCMapStringW
GetACP
lstrcpyA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
FreeLibrary
GetTickCount
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
HeapAlloc
RtlUnwind
HeapFree
ExitProcess
TerminateProcess
GetStartupInfoA

user32

FindWindowA
CharUpperA
RegisterClassA
DefWindowProcA
wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey
GetUserNameA
RegCreateKeyA

ws2_32

connect
select
accept
inet_addr
socket
setsockopt
htons
ioctlsocket
listen
getsockname
closesocket
gethostname
gethostbyname
ntohs
WSAStartup
WSACleanup
recv
send
recvfrom
sendto
bind

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36dc94bfbd036f54609011cbae726dc7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 26KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 26KB