d23e72ee224602331a61f01691305108_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d23e72ee224602331a61f01691305108_JaffaCakes118
Size

184KB
MD5

d23e72ee224602331a61f01691305108
SHA1

e3cd1e225cd0d0c3cf9580ac945f9f23ae223f10
SHA256

0dd681f1920278f61d12056e220b3b49b44eaa3b50bdac3311301a028726280c
SHA512

31d9c6e7129434ae33dfeeaefe375e2282167926b4b907ed5582607d3601a29e933b449a36a10c48d18d58eb0d5ff061437070c50dcef38287bebf137c3f32a4
SSDEEP

3072:TTgjFWSc8wu8pH5nrWbn/rkgl3AeMsC2X/SPnLQdlD1KIPUWxoIL:TTgUq8pHUn/t9AeMXMplRTPUW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d23e72ee224602331a61f01691305108_JaffaCakes118

Files

d23e72ee224602331a61f01691305108_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22735c03e62e522c92dda85e3ce91843

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ntohl
getsockname
inet_addr
accept
listen
bind
WSACleanup
gethostname
getpeername
__WSAFDIsSet
recv
send
shutdown
closesocket
socket
htons
htonl
connect
sendto
select
recvfrom
inet_ntoa
getsockopt
WSAGetLastError
WSAStartup
ioctlsocket
gethostbyname

kernel32

LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
InitializeCriticalSection
InterlockedIncrement
CloseHandle
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetLocalTime
GetTickCount
ReadFile
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
TerminateThread
GetCurrentProcessId
ReleaseMutex
ExitProcess
GetSystemDirectoryA
GetLocaleInfoA
GetSystemDefaultLangID
GetComputerNameA
SetThreadPriority
GetThreadPriority
GetCurrentThread
SetPriorityClass
GetPriorityClass
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
CreateProcessA
GetLastError
CreateMutexA
WriteFile
ExpandEnvironmentStringsA
GetShortPathNameA
GetTempPathA
InterlockedDecrement
SetFilePointer
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetModuleFileNameA
CopyFileA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetVersion
GetCommandLineA
RtlUnwind
GetModuleHandleA
GetStartupInfoA

user32

ReleaseDC
GetDC
CharToOemA
EnumWindows
GetParent
IsWindowEnabled
IsWindowVisible
GetClassNameA
GetWindowTextA
GetWindowThreadProcessId

gdi32

GetDeviceCaps

advapi32

RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
GetUserNameA

wininet

InternetGetConnectedState
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

winmm

timeEndPeriod
timeSetEvent
timeBeginPeriod
timeKillEvent

shlwapi

PathRemoveFileSpecA

mpr

WNetOpenEnumA
WNetAddConnection2A
WNetCancelConnectionA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22735c03e62e522c92dda85e3ce91843

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

wininet

winmm

shlwapi

mpr

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 40KB - Virtual size: 144KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 232B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 144KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 232B

.reloc
Size: 12KB - Virtual size: 9KB