Static task: static1
Behavioral task: behavioral1
  Sample: d9a2026863ff7819d3fd0bf753f92b6c_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: d9a2026863ff7819d3fd0bf753f92b6c_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: d9a2026863ff7819d3fd0bf753f92b6c_JaffaCakes118
Size: 372KB
MD5: d9a2026863ff7819d3fd0bf753f92b6c
SHA1: 7ab2b829f658a9c53b2e00aa21c82fae76493ccc
SHA256: f1f8d14c08feb96f35b3dce082344b664d4c7ac07ffc287b1f02a5e59b6083a5
SHA512: fc6a180311d028fa19188838729373eb06d259b3a1fe8a040b034c038215ad1296ed9297cd36df5b95140feceb6f5da6c376ce1fd002442648a4846dd94ae57d
SSDEEP: 6144:qEukJZOllY0zQEPze4MxBGNURtqpXorIXHW19TWbZ44TEHTgS3t456:qFkJZcuYzkxBHRtO4rI3W22
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: d9a2026863ff7819d3fd0bf753f92b6c_JaffaCakes118
Files
d9a2026863ff7819d3fd0bf753f92b6c_JaffaCakes118.exe: windows:4, windows x86, arch:x86
19d30c320efe24c6b1be2fe4b6e3c97b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FormatMessageA
GlobalFree
GetStdHandle
LocalFree
AllocConsole
DeleteFileA
GetSystemDirectoryA
ResetEvent
SetEvent
FindClose
Sleep
SetConsoleCtrlHandler
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetLogicalDrives
MoveFileA
CreateDirectoryA
RemoveDirectoryA
InitializeCriticalSection
GetComputerNameA
DeleteCriticalSection
SizeofResource
GetPriorityClass
GetSystemInfo
VirtualQueryEx
GetEnvironmentVariableW
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
lstrcpynA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
ReadProcessMemory
VirtualFreeEx
GetCurrentProcess
CloseHandle
GetModuleHandleA
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcessId
LoadLibraryA
GetProcAddress
GetModuleFileNameA
FindResourceA
EnterCriticalSection
LoadResource
LockResource
TerminateProcess
LeaveCriticalSection
SetPriorityClass
CreateEventA
FreeConsole
GetTempPathA
GetFileType
FlushFileBuffers
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
SetHandleCount
WriteFile
GetACP
GetCPInfo
GetVersionExA
FreeLibrary
SetFilePointer
GetOEMCP
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapSize
TlsGetValue
SetLastError
TlsAlloc
GetCurrentThreadId
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitThread
TlsSetValue
CreateThread
InterlockedExchange
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
CreateFileA
IsBadCodePtr
IsBadReadPtr
ResumeThread
HeapReAlloc
InterlockedIncrement
ReadFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
InterlockedDecrement
GetSystemTime
SetStdHandle
RaiseException
GetTimeZoneInformation
GetLocalTime
GetCommandLineA
GetVersion
ExitProcess
user32
OpenDesktopA
RegisterClassA
ReleaseDC
DrawIconEx
GetIconInfo
GetCursorPos
GetCursor
GetWindowRect
GetWindowDC
GetDesktopWindow
GetDC
mouse_event
GetMessageExtraInfo
keybd_event
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetCursorPos
CloseDesktop
GetUserObjectInformationA
OpenInputDesktop
ExitWindowsEx
CreateWindowExA
DestroyWindow
DefWindowProcA
gdi32
StretchBlt
CreateCompatibleDC
GetDIBits
SelectObject
BitBlt
CreateCompatibleBitmap
DeleteObject
DeleteDC
GetObjectA
advapi32
IsValidSid
LookupAccountNameA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CopySid
GetLengthSid
GetUserNameA
StartServiceCtrlDispatcherA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegDeleteKeyA
CreateServiceA
DeleteService
QueryServiceStatus
ControlService
RegDeleteValueA
StartServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
ShellExecuteA
ws2_32
recvfrom
setsockopt
gethostname
htonl
bind
listen
ntohs
socket
gethostbyname
connect
getsockname
accept
send
htons
inet_addr
sendto
select
__WSAFDIsSet
WSAGetLastError
closesocket
WSAStartup
WSACleanup
inet_ntoa
Sections
.text  Size: 244KB - Virtual size: 241KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 21KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 52KB - Virtual size: 61KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 48KB - Virtual size: 47KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ