073494a4eaca33c39d5b6843d62b7055_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

073494a4eaca33c39d5b6843d62b7055_JaffaCakes118
Size

380KB
MD5

073494a4eaca33c39d5b6843d62b7055
SHA1

787d36c65d7b8a8aa44cf30afd9c5bd808c23b3c
SHA256

a0f951e357cff9a6a0c8ada565fc9a6ada35b599b24ef16a434739c26139fc05
SHA512

d8b4d6ad2080fbc833ff28cfc296c72e202ed1b4f5d97a7751985db5cf165c7c09219397dd2e9b7a4d33edb37050c282f15f7e06c63cf4a15578f12476fadc96
SSDEEP

6144:auyU7uWgpC7ElTdY9Fr3dohtP8/gNwp4+wPpRCM2S7og0B080EbUcD0y2mb:auNudpC4KFx58wpy+g0B0807r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073494a4eaca33c39d5b6843d62b7055_JaffaCakes118

Files

073494a4eaca33c39d5b6843d62b7055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f0f5098163bf9eb4d37d6bbf1fad24c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\MyProjects\Sentinel\Exe\Release\SENTEMUL'2006.pdb

Imports

kernel32

GlobalFree
LoadLibraryA
lstrcmpiA
GetVersion
VirtualProtect
GlobalAlloc
IsBadWritePtr
ExitProcess
InitializeCriticalSection
GetCurrentProcessId
GetTickCount
ResumeThread
SuspendThread
Sleep
CloseHandle
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetCurrentThreadId
GetLastError
SetConsoleCtrlHandler
CreateFileA
CreateFileW
GetFileInformationByHandle
GetFileSize
LockFile
LockFileEx
OpenFile
ReadFile
ReadFileEx
SetEndOfFile
SetFilePointer
UnlockFile
UnlockFileEx
WriteFile
WriteFileEx
_hread
_hwrite
_lclose
GetCurrentThread
GetCurrentProcess
_lopen
_lread
_lwrite
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
FreeLibrary
CreateFileMappingA
CreateFileMappingW
OpenFileMappingA
OpenFileMappingW
SetLastError
IsBadReadPtr
CreateEventA
WaitForSingleObject
SetEvent
GetOverlappedResult
VirtualAlloc
VirtualFree
WideCharToMultiByte
GetFileType
DeleteFileA
DeleteFileW
GetFullPathNameA
DeviceIoControl
GetTempPathA
GetWindowsDirectoryA
GetCommandLineA
GetPriorityClass
SetPriorityClass
GetThreadPriority
SetThreadPriority
lstrcpyA
DuplicateHandle
GetLocalTime
GetModuleHandleA
CreateThread
_llseek
_lcreat
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
ResetEvent
WaitForMultipleObjects
GetEnvironmentVariableA
FlushViewOfFile
UnmapViewOfFile
OpenEventA
CreateMutexA
LocalAlloc
ReleaseMutex
MultiByteToWideChar
lstrcmpA
LocalFree
MapViewOfFile
lstrlenA
GetVersionExA

user32

CallNextHookEx
SetWindowsHookExA
GetActiveWindow
MessageBoxA
wsprintfA
GetSystemMetrics

msvcrt

ctime
strncat
strrchr
strchr
strtol
getenv
_strupr
strncpy
_beginthreadex
atol
_setmbcp
setlocale
malloc
fprintf
wcslen
__p__pctype
_isctype
__p___mb_cur_max
atoi
fopen
vfprintf
fclose
sprintf
toupper
sscanf
strstr
_getpid
time
srand
rand
exit
free
_stricmp

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

wsock32

recv
bind
WSAGetLastError
getpeername
closesocket
send
connect
gethostname
getsockname

Sections

0000001
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000002
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000003
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0000005
Size: 54KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000006
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0000007
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

0000008
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f0f5098163bf9eb4d37d6bbf1fad24c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcrt

advapi32

wsock32

Sections

0000001 Size: 40KB - Virtual size: 36KB

0000002 Size: 8KB - Virtual size: 7KB

0000003 Size: 4KB - Virtual size: 7KB

.rsrc Size: 176KB - Virtual size: 175KB

0000005 Size: 54KB - Virtual size: 59KB

0000006 Size: 4KB - Virtual size: 3KB

0000007 Size: 77KB - Virtual size: 76KB

0000008 Size: 8KB - Virtual size: 4KB

0000001
Size: 40KB - Virtual size: 36KB

0000002
Size: 8KB - Virtual size: 7KB

0000003
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 176KB - Virtual size: 175KB

0000005
Size: 54KB - Virtual size: 59KB

0000006
Size: 4KB - Virtual size: 3KB

0000007
Size: 77KB - Virtual size: 76KB

0000008
Size: 8KB - Virtual size: 4KB