dc3ce0d803e1117531540ee30172b486_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc3ce0d803e1117531540ee30172b486_JaffaCakes118
Size

2.1MB
MD5

dc3ce0d803e1117531540ee30172b486
SHA1

eeaeceb22c84918272e2caa87fd0fd0a0c93853a
SHA256

0eb2a690eecf3e04135ae05df44f672f69bc15ebbacc6141a288b96a4d751182
SHA512

06c2c5f019b663e0d66fa7a2f9dbfd74c709c769a13ebe09cfe587b3b44cafa9d4408b7da084403fe1ff5aecaa77dcf16c62bde9cca32c2f09c3755671e4ac52
SSDEEP

49152:tOJ4c0d0Mu7xLw4c0f0Yek3SgYRCrE0L24dreIRTocJZRt:qiCfBc0fbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc3ce0d803e1117531540ee30172b486_JaffaCakes118

Files

dc3ce0d803e1117531540ee30172b486_JaffaCakes118
.exe windows:4 windows x86 arch:x86

077b824af9a20dc9f73d400ebea40d4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
SetConsoleCtrlHandler
GetConsoleScreenBufferInfo
GetStdHandle
LocalFree
FormatMessageA
GetACP
GetOEMCP
GetCurrentProcessId
GetDiskFreeSpaceExA
GetVolumeInformationA
GetFileAttributesExW
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
VirtualAlloc
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
CreateProcessA
DuplicateHandle
GetCurrentProcess
CreatePipe
PeekNamedPipe
TerminateProcess
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFree
GetModuleFileNameA
LoadLibraryA
DosDateTimeToFileTime
GetFileTime
CopyFileExA
FindClose
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindFirstFileA
GetVersion
GetFileAttributesW
SetFilePointer
GetLocalTime
GetFullPathNameA
FindNextFileA
SetVolumeLabelA
GetDriveTypeA
GetLocaleInfoA
FileTimeToSystemTime
SetConsoleMode
GetConsoleMode
lstrcpynA
LeaveCriticalSection
lstrcmpiA
GetLastError
lstrlenA
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
InterlockedExchange
CreateMutexA
HeapFree
HeapAlloc
GetProcessHeap
GetExitCodeProcess
RtlUnwind
GetCurrentThreadId
GetCurrentDirectoryW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
SetEndOfFile
GetFileAttributesA
SetEnvironmentVariableW
VirtualQuery
GetSystemInfo
VirtualProtect
FlushFileBuffers
SetCurrentDirectoryA
GetFullPathNameW
WriteFile
UnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStartupInfoA
SetHandleCount
HeapCreate
HeapDestroy
GetFileType
SetStdHandle
HeapReAlloc
GetVersionExA
GetCommandLineA
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
GetDateFormatA
GetTimeFormatA
GetCurrentDirectoryA
CreateFileW
SetFileTime
CloseHandle
SetConsoleTextAttribute
ExitProcess
GetFileAttributesExA
SetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
EnterCriticalSection
GetTickCount
FindNextFileW
MoveFileW
GetProcAddress
GetModuleHandleA
GetSystemTimeAsFileTime
DeleteFileA
DeleteFileW
GetDriveTypeW
FindFirstFileW
MoveFileA

user32

ReleaseDC
GetWindowDC
GetDesktopWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBeep
GetClipboardData
IsClipboardFormatAvailable
CharToOemA
wsprintfA
OemToCharA
MessageBoxA

gdi32

GetDeviceCaps

ws2_32

socket
htons
connect
send
recv
listen
gethostbyname
inet_ntoa
ntohs
shutdown
closesocket
WSACleanup
getsockname
bind
setsockopt
htonl
ntohl
sendto
recvfrom
select
gethostname
accept
ioctlsocket
WSAGetLastError
__WSAFDIsSet
inet_addr
WSAStartup

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityDescriptorControl
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
IsValidAcl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidSid
GetSecurityDescriptorGroup
OpenProcessToken

shell32

ShellExecuteA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 688KB - Virtual size: 686KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

077b824af9a20dc9f73d400ebea40d4b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

advapi32

shell32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 688KB - Virtual size: 686KB

.data Size: 56KB - Virtual size: 732KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 688KB - Virtual size: 686KB

.data
Size: 56KB - Virtual size: 732KB