ee92daf857a5bda263f6741df4796940_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ee92daf857a5bda263f6741df4796940_JaffaCakes118
Size

85KB
MD5

ee92daf857a5bda263f6741df4796940
SHA1

91f9db279237b0cb0adece073e6dae5a1f0b5bbd
SHA256

f6351b4088886de5a58818000c0b99e302354f789d2de1d4bca1291f4847f9d8
SHA512

98abfa37ac754eecb2b63c503fd4b0a4744656f15f341760462ed2ecc1cd6536df65ea9de8440b2b727e0e15c20b966da04ed22ef70b98f6b28212389eb60a93
SSDEEP

1536:7esdME2JlzUdWv9isBRaybqc/9Si0frKXtuMzof1bx8+m:TME2Id6IMzx9SoMMzof1bx8+m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee92daf857a5bda263f6741df4796940_JaffaCakes118

Files

ee92daf857a5bda263f6741df4796940_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cea6998d2a58447a5ed9551acd410ba6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

shutdown
getsockname
gethostbyname
inet_ntoa
ntohl
htonl
ioctlsocket
setsockopt
bind
listen
accept
inet_addr
select
WSAStartup
WSACleanup
htons
socket
connect
send
closesocket
recv

user32

wsprintfA
FindWindowA
IsWindow
SendMessageA
FindWindowExA

advapi32

ControlService
CreateServiceA
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfig2A
UnlockServiceDatabase
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
DeleteService

shfolder

SHGetFolderPathA

kernel32

GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetFileType
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
WideCharToMultiByte
GetModuleFileNameA
HeapReAlloc
CloseHandle
CreateProcessA
ExitThread
ExitProcess
GetTempPathA
GetSystemDefaultLangID
Sleep
lstrcmpiA
ReleaseMutex
GetTickCount
CreateMutexA
SetFileAttributesA
GetLastError
CreateDirectoryA
GetModuleHandleA
CreateThread
OpenMutexA
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
DeleteFileA
LocalFree
LocalAlloc
GetVersionExA
GetLocaleInfoA
TerminateThread
WaitForSingleObject
WritePrivateProfileStringA
CopyFileA
GetDriveTypeA
GetLogicalDriveStringsA
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
WriteFile
ReadFile
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cea6998d2a58447a5ed9551acd410ba6

Headers

File Characteristics

Imports

ws2_32

user32

advapi32

shfolder

kernel32

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 26KB - Virtual size: 26KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 26KB - Virtual size: 26KB