fce965a4666983433a8f3b8f0413c9b8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fce965a4666983433a8f3b8f0413c9b8_JaffaCakes118
Size

2.2MB
MD5

fce965a4666983433a8f3b8f0413c9b8
SHA1

189ee4fdf1862e01840fedd56a34d4b1da29068d
SHA256

3f5a19aadef78d1853d135c6448cf4b8d82c335d362085f29f219c1386e4b14d
SHA512

8f77fd5f2ca190ea892474e1197cf72c6d8aca8ccd5fa1e2868f4ec2188bddafe5b482c3f80245007501cc06a15e864b1624970c6f22e5196604ff63386bc710
SSDEEP

49152:v4RgReUgDOFC2DfLtxv3muw0uhJ7SIOTzB7Lv9770MY8rFu:npNh7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fce965a4666983433a8f3b8f0413c9b8_JaffaCakes118

Files

fce965a4666983433a8f3b8f0413c9b8_JaffaCakes118
.exe windows:4 windows x64 arch:x64

f1ea52930240316b8f1c57d9d17b1ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libcurl-4

curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_reset
curl_easy_setopt
curl_global_init
curl_slist_append
curl_slist_free_all
curl_version

libeay32

SHA1_Final
SHA1_Init
SHA1_Update
SHA256
SHA256_Final
SHA256_Init
SHA256_Update
SHA512_Final
SHA512_Init
SHA512_Update

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FillConsoleOutputCharacterA
FreeConsole
FreeLibrary
GetConsoleScreenBufferInfo
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetEvent
SetLastError
SetPriorityClass
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleW

msvcrt

__C_specific_handler
__argv
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_aligned_free
_aligned_malloc
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_exit
_fileno
_fmode
_ftime64
_getpid
_gmtime64
_initterm
_isatty
_localtime64
_lock
_onexit
_setjmp
_snprintf
_snwprintf
_stricmp
_strnicmp
_time64
_unlock
_vscprintf
_vsnprintf
abort
atof
atoi
atol
calloc
clock
exit
fclose
fflush
fgetc
fopen
fprintf
fputc
fputs
free
fwprintf
fwrite
getenv
isalpha
islower
isspace
isupper
localeconv
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
printf
puts
qsort
raise
rand
realloc
setlocale
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtok
strtol
strtoul
toupper
vfprintf
wcscpy
wcstombs
_stat64
longjmp
_strdup

user32

MessageBoxW
ShowWindow

ws2_32

WSAGetLastError
WSAIoctl
accept
bind
closesocket
htonl
htons
inet_addr
inet_ntoa
listen
recv
select
send
socket

libgcc_s_seh-1

__emutls_get_address

libstdc++-6

_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 73KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1ea52930240316b8f1c57d9d17b1ad1

Headers

File Characteristics

Imports

libcurl-4

libeay32

kernel32

msvcrt

user32

ws2_32

libgcc_s_seh-1

libstdc++-6

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.data Size: 7KB - Virtual size: 6KB

.rdata Size: 375KB - Virtual size: 374KB

.pdata Size: 21KB - Virtual size: 21KB

.xdata Size: 23KB - Virtual size: 23KB

.bss Size: - Virtual size: 73KB

.idata Size: 7KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 120B

.tls Size: 512B - Virtual size: 104B

.text
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 7KB - Virtual size: 6KB

.rdata
Size: 375KB - Virtual size: 374KB

.pdata
Size: 21KB - Virtual size: 21KB

.xdata
Size: 23KB - Virtual size: 23KB

.bss
Size: - Virtual size: 73KB

.idata
Size: 7KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 120B

.tls
Size: 512B - Virtual size: 104B