eab54fa7315ca388b13d9bbb8e37ce14_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eab54fa7315ca388b13d9bbb8e37ce14_JaffaCakes118
Size

964KB
MD5

eab54fa7315ca388b13d9bbb8e37ce14
SHA1

6d741eaf7cd0ea9d53052225d4f6bc5aa5ee21b3
SHA256

95a27c1190affa00f069cb8966f9c5487ac4009848021596b57478658cbfe28f
SHA512

33a600fc4edb926de1726af9d02ac11130ee896ee4373c831b65103e337789e3c3ab36f02760d3365c9f42bdf826f0a3b49ac4216ad2de55c4f1cd1873bbbdf7
SSDEEP

6144:eS+M0ROoZ04CUpNZ7xbKoV2cN+P31ja/VozMUqKfA:eS+MgLCUpn7xbNZN+P31ja/NvK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eab54fa7315ca388b13d9bbb8e37ce14_JaffaCakes118

Files

eab54fa7315ca388b13d9bbb8e37ce14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a5232ec5f8fc6e91a6abb42dd3ed10d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
inet_ntoa
inet_addr
htons
connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
bind
listen
accept
recv
closesocket
socket
send
select
__WSAFDIsSet

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GlobalLock
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetConsoleCtrlHandler
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
ExitProcess
CloseHandle
CreateProcessA
GetModuleFileNameA
GetSystemDirectoryA
Sleep
CreateThread
DeleteFileA
OpenProcess
GetCurrentProcessId
GetLastError
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleHandleA
WaitForSingleObject
CreateMutexA
GetTickCount
MoveFileA
GetTempPathA
TerminateThread
LoadLibraryA
GetProcAddress
GetComputerNameA
GetLocaleInfoA
GetVersionExA
ExitThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WriteFile
ReadFile
TerminateProcess
DuplicateHandle
GetCurrentProcess
CreatePipe
GetTimeFormatA
GetDateFormatA
GetFileSize
CreateFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
SetFilePointer
WaitForMultipleObjects
GenerateConsoleCtrlEvent
GetLocalTime
FormatMessageA
GlobalUnlock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
lstrcmpiA
GetExitCodeProcess
PeekNamedPipe
GetLogicalDrives
GlobalMemoryStatus
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
OutputDebugStringA
InitializeCriticalSection
FatalAppExitA
HeapAlloc
HeapReAlloc
HeapFree
VirtualFree
VirtualAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
RaiseException
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA

Sections

.text
Size: 952KB - Virtual size: 952KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a5232ec5f8fc6e91a6abb42dd3ed10d

Headers

File Characteristics

Imports

ws2_32

version

kernel32

Sections

.text Size: 952KB - Virtual size: 952KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 952KB - Virtual size: 952KB

.rsrc
Size: 8KB - Virtual size: 8KB