d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118
Size

124KB
MD5

d6725f00979831b7ef2a1b50ddeb9b98
SHA1

89317aea684ce3651a96e39728f72a719b5529c5
SHA256

b55c9007e68218aad703974a6568bbc34a3b334ba32c748e5b8c6abde6b800e5
SHA512

6a7ed61f851b099abf11d6a72d10968fc433eb17e2cb52670f616043153b4fa4f87a9f0e077ce414b1c36110f74bde28f2b1a5cb19558bfc18d06a6578abc4df
SSDEEP

1536:ij66m+CyoPOSbDTibV8yJiEzTtgbHBxol4jRnLGqmJpPET6FtR0gGpyqkRe6FZZ7:D6mtGmDTiCoi2tOxolNqApsT+qxkT9o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118

Files

d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8f107c8e0f70045772c41b6b54800be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
DeleteFileA
CreateMutexA
SetEvent
WaitForMultipleObjects
SetThreadPriority
GetTempPathA
SetFileAttributesA
GetTickCount
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
CreateEventA
GetLastError
CloseHandle
ExitProcess
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
WaitForSingleObject
GetCurrentProcess
CreateProcessA
GetSystemDirectoryA
CopyFileA
GetModuleFileNameA
OpenMutexA
OpenEventA
HeapSize
SetFilePointer
TerminateProcess
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
SetEnvironmentVariableA
Sleep
SetHandleCount
IsBadCodePtr
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RtlUnwind
HeapAlloc
HeapFree
ReadFile
IsBadReadPtr
WriteFile
VirtualAlloc
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree

advapi32

RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
CreateServiceA
StartServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey

ws2_32

accept
listen
setsockopt
recvfrom
sendto
getpeername
htonl
bind
WSASetLastError
gethostname
htons
inet_addr
socket
WSAGetLastError
select
__WSAFDIsSet
closesocket
send
recv
gethostbyname
WSAStartup
connect
ioctlsocket

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8f107c8e0f70045772c41b6b54800be

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 6KB - Virtual size: 5KB

.idata Size: 12KB - Virtual size: 139KB

.rsrc Size: 46KB - Virtual size: 46KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 6KB - Virtual size: 5KB

.idata
Size: 12KB - Virtual size: 139KB

.rsrc
Size: 46KB - Virtual size: 46KB