Static task: static1
Behavioral task: behavioral1
Sample: fa8394410f562112b12b4cc4b3be50e4_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fa8394410f562112b12b4cc4b3be50e4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fa8394410f562112b12b4cc4b3be50e4_JaffaCakes118
Size: 80KB
MD5: fa8394410f562112b12b4cc4b3be50e4
SHA1: 7f1d56d069152837c287ca4d8d7bd912823a9123
SHA256: d073f8a9e8c93b78bb6d77b9bda09ac1f226051eb9dda7d411e9711faaca0c99
SHA512: 7aa9942cf31be17a4615882286fa9a78067266ddd8343da3b7b2d5a6c21af98c156a4435d55c5043b10cefcee7d3dfc71b0eeb84e7f057d9e00dc0f7e12d2092
SSDEEP: 1536:ZKpvDMqQvmlozfGYYB2xnytp0nyEpNlJcF43zHoTmNW:opv4Tvml2FbymKmjHoTm0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa8394410f562112b12b4cc4b3be50e4_JaffaCakes118
Files
fa8394410f562112b12b4cc4b3be50e4_JaffaCakes118.exe windows:4 windows x86 arch:x86
779c42ab85cdfed0163cb43246fae0dc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstFileA
GetDriveTypeA
GetLogicalDriveStringsA
WinExec
TerminateProcess
OpenProcess
GetLastError
Process32Next
FindNextFileA
CreateToolhelp32Snapshot
GetComputerNameA
SetFileAttributesA
WritePrivateProfileStringA
CreateThread
GetPrivateProfileStringA
GetCurrentDirectoryA
FileTimeToLocalFileTime
CreateFileA
GetFileSize
WriteFile
DeleteFileA
GetSystemDirectoryA
ExitProcess
CreateProcessA
WaitForSingleObject
ReadFile
GetStdHandle
Sleep
CloseHandle
GetModuleFileNameA
GetFullPathNameA
Process32First
FileTimeToSystemTime
FindClose
SetEnvironmentVariableA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetExitCodeProcess
SetStdHandle
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
GetFileAttributesA
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
user32
wsprintfA
gdi32
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
DeleteDC
CreateDCA
advapi32
LookupAccountNameA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
GetUserNameA
shell32
ShellExecuteA
ws2_32
WSAStartup
socket
htons
htonl
closesocket
listen
accept
WSACleanup
inet_ntoa
send
recv
connect
gethostbyname
bind
inet_addr
netapi32
NetWkstaTransportEnum
NetApiBufferFree
Sections
.text Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE