f003ccae82ab58cb641bfe60df0f4b5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f003ccae82ab58cb641bfe60df0f4b5e_JaffaCakes118
Size

62KB
MD5

f003ccae82ab58cb641bfe60df0f4b5e
SHA1

5eb3eb1cda710fd98be34219456fc53bedb4c408
SHA256

2c0392b7037034b92eeff321f2b4a23bf0d4c7ad830772758afe4b25917b66d6
SHA512

4118bbf457d94beab56d156227bb0d198b7eb58329e74605b0c766d782ec3201534f55cd41d7d4a3362a6f6c7941366e1df1416aad4b229c05af53aed3d7b5f4
SSDEEP

768:OgjXb2G00egPa7monga6VTBVkmhmjYfr/Nh3IwJ0M3w4tdnCt2AyHZo:j7bc0DPa7meaQUjFlIktwtlyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f003ccae82ab58cb641bfe60df0f4b5e_JaffaCakes118

Files

f003ccae82ab58cb641bfe60df0f4b5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9c697eaff736eea7d59801708468232

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetLastError
CloseHandle
OpenMutexA
WinExec
GetTempPathA
WaitForSingleObject
ExitProcess
GlobalFree
LockResource
GlobalAlloc
DeleteFileA
lstrlenA
Process32Next
lstrcmpA
Process32First
CreateToolhelp32Snapshot
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
SetStdHandle
SetFilePointer
GetOEMCP
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
Sleep
FreeLibrary
LoadLibraryA
LoadResource
GetProcAddress
GetACP
FlushFileBuffers
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
WriteFile
HeapFree
VirtualFree
GetTickCount
GetSystemDirectoryA
ExitThread
TerminateProcess
DeviceIoControl
CreateFileA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate

user32

wsprintfA
GetDesktopWindow

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
RegQueryValueExA

shell32

ShellExecuteA

ws2_32

recv
setsockopt
WSAIoctl
__WSAFDIsSet
socket
connect
closesocket
select
send
WSAStartup
htons
gethostbyname
inet_addr
sendto
WSASocketA
htonl

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9c697eaff736eea7d59801708468232

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 14KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 14KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 3KB