fe58658af0611c61a6f0c14a085e3df5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe58658af0611c61a6f0c14a085e3df5_JaffaCakes118
Size

248KB
MD5

fe58658af0611c61a6f0c14a085e3df5
SHA1

7fe7a6ebc720e39f91a083f12be593681dbf718a
SHA256

933009dd59c9f08be436eb2f7982beea0e21a5c71e782e0f020130d43031d3c1
SHA512

810544ee6ee86d55c1e0b48ecf8b6e84a4384532cc411cc60c65c72bcdc8fcf4322cae627baa2db6666a5de78c8d2ce08a5b0b78d15d4b7d884ac8517ce210b3
SSDEEP

6144:6WXOtT+IUZYmduxsCN7eV+tq7UClO/ylKEeBW5Dl:6WXOtCI8YmdWs8qV+tAUClO/ylKFiDl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe58658af0611c61a6f0c14a085e3df5_JaffaCakes118

Files

fe58658af0611c61a6f0c14a085e3df5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fcea072b7746e048ebfa1482ce958227

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleScreenBufferInfo
GetStdHandle
QueryPerformanceFrequency
GetTickCount
QueryPerformanceCounter
SleepEx
SetEvent
UnmapViewOfFile
CloseHandle
MapViewOfFile
OpenFileMappingA
GetCurrentProcessId
WaitForMultipleObjects
TerminateProcess
ResumeThread
GetLastError
CreateFileMappingA
CreateProcessA
GetCommandLineA
CreateEventA
GetModuleFileNameA
GetModuleHandleA
SetConsoleTitleA
GetProcAddress
SetConsoleCtrlHandler
TerminateThread
WaitForSingleObject
CreateThread
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetLocaleInfoW
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
InitializeCriticalSection
CreateFileA
VirtualQuery
InterlockedExchange
SetFilePointer
GetOEMCP
GetACP
MoveFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
ExitProcess
GetCurrentProcess
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapAlloc
HeapReAlloc
HeapFree
GetVersionExA
WideCharToMultiByte
GetTimeZoneInformation
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
LoadLibraryA
WriteFile
ReadFile
GetCPInfo
DeleteCriticalSection
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
RtlUnwind
GetFullPathNameA
GetCurrentDirectoryA
SetHandleCount
GetStartupInfoA
FlushFileBuffers
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateDirectoryA

wsock32

closesocket
setsockopt
getpeername
getsockname
select
send
recv
accept
listen
connect
bind
socket
WSAStartup
WSACleanup
ioctlsocket
WSAGetLastError
inet_addr
WSASetLastError
gethostbyname
ntohs
htons

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcea072b7746e048ebfa1482ce958227

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 20KB - Virtual size: 57KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 20KB - Virtual size: 57KB