fc5910ab0a1f51ba6d28d5e5cfa9898c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc5910ab0a1f51ba6d28d5e5cfa9898c_JaffaCakes118
Size

243KB
MD5

fc5910ab0a1f51ba6d28d5e5cfa9898c
SHA1

e5592877196b5210f5f15e0a2eaf67d3f88c135a
SHA256

0bf26328ed422e23dd4a94756e88797e033f65908cc26509e8fe5a83841f0bc3
SHA512

753e3c934f37a15aeb99be6a9a92365d2f801cdcd1d8ffae627498528412850e54c2b17138b8f3ed90b378fd7a2987494f81daf3d315f97bf3856647a5dfb64a
SSDEEP

6144:YvoMvtQYA99LIxGtp7gZQ+4CcxYc/ZwyUiYQw4dAN9inWTY+otHbyYuZkqQm:YvoMvtQYA9KxGtGW2cBRUmd8onWM+2kH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc5910ab0a1f51ba6d28d5e5cfa9898c_JaffaCakes118

Files

fc5910ab0a1f51ba6d28d5e5cfa9898c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

629ad4071da9f0aaa4b7c4ff3ccd1989

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htons
inet_addr
gethostname
gethostbyname

iphlpapi

GetBestInterface
GetIpAddrTable

kernel32

GetProcessHeap
TlsAlloc
WaitForSingleObject
lstrcpyW
lstrlenW
CreateEventW
CreateMutexW
FreeLibrary
GlobalAlloc
ExpandEnvironmentStringsW
GetModuleHandleW
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
FatalAppExitA
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
IsValidLocale
BeginUpdateResourceW
GetProcAddress

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

uxtheme

GetThemeFont
DrawThemeBackground
CloseThemeData
GetThemeBackgroundRegion
DrawThemeEdge
GetThemeSysBool

scecli

SceSetupUpdateSecurityService
SceGetDatabaseSetting
DeltaNotify
SceProcessSecurityPolicyGPO
SceSetupMoveSecurityFile
SceSvcSetInformationTemplate

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UsNfGf
Size: 3KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.APdHNF
Size: 1KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ER
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oUlM
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NJh
Size: 91KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RQmp
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OInf
Size: 120KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

629ad4071da9f0aaa4b7c4ff3ccd1989

Headers

File Characteristics

Imports

ws2_32

iphlpapi

kernel32

advapi32

uxtheme

scecli

Sections

.text Size: 13KB - Virtual size: 12KB

.UsNfGf Size: 3KB - Virtual size: 488KB

.APdHNF Size: 1KB - Virtual size: 125KB

.rdata Size: 1KB - Virtual size: 24KB

.ER Size: 512B - Virtual size: 16KB

.oUlM Size: 512B - Virtual size: 21KB

.NJh Size: 91KB - Virtual size: 96KB

.RQmp Size: 2KB - Virtual size: 51KB

.data Size: 7KB - Virtual size: 63KB

.OInf Size: 120KB - Virtual size: 213KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.UsNfGf
Size: 3KB - Virtual size: 488KB

.APdHNF
Size: 1KB - Virtual size: 125KB

.rdata
Size: 1KB - Virtual size: 24KB

.ER
Size: 512B - Virtual size: 16KB

.oUlM
Size: 512B - Virtual size: 21KB

.NJh
Size: 91KB - Virtual size: 96KB

.RQmp
Size: 2KB - Virtual size: 51KB

.data
Size: 7KB - Virtual size: 63KB

.OInf
Size: 120KB - Virtual size: 213KB

.rsrc
Size: 2KB - Virtual size: 1KB