092461ea93a18c7f3d7647f57b46ce9c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

092461ea93a18c7f3d7647f57b46ce9c_JaffaCakes118
Size

129KB
MD5

092461ea93a18c7f3d7647f57b46ce9c
SHA1

1b6b1297983bf407cf1d3e3bedd00572cc097f1a
SHA256

e3e3667e9fe56e0a9e5432ddd6cf93e71e05b5b605045245b029cdd2bac92acb
SHA512

4030e591ad14d8c71995c3fe8cdc56f8c7f6b17c12abb4a78ec475da6ff3ca5abe374624efe1a2ca8b5544717f41503b9d91a8ee1ab5e06baa707b201a36bdb6
SSDEEP

1536:RO1xYQOtZrETIgQsggQKtSSTDQtAInSZXIK66/1WBud8bt+J+ogt86TrRwJu7:UY9EUghgqD4rSZF6d885+J+oK8yCO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
092461ea93a18c7f3d7647f57b46ce9c_JaffaCakes118

Files

092461ea93a18c7f3d7647f57b46ce9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68b160c5739531c6c80cf2680e67a7f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

shutdown
inet_ntoa
ioctlsocket
ntohl
htonl
getsockname
gethostbyname
WSAStartup
select
inet_addr
connect
send
recv
htons
socket
setsockopt
bind
listen
accept
closesocket
WSACleanup

shell32

ShellExecuteA

advapi32

RegQueryValueExA
RegDeleteValueA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA

kernel32

SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
CloseHandle
GetCurrentProcess
FindClose
FindFirstFileA
ExitThread
DeleteFileA
SetFileAttributesA
TerminateProcess
OpenProcess
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
ExitProcess
CreateProcessA
CreateThread
GetModuleFileNameA
CopyFileA
GetModuleHandleA
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
WaitForSingleObject
CreateMutexA
SetErrorMode
GetTickCount
GetTempPathA
CreateDirectoryA
GetVersionExA
TerminateThread
ExpandEnvironmentStringsA
GetFileAttributesA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
SetFileTime
GetFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetUnhandledExceptionFilter
HeapSize
FlushFileBuffers
SetFilePointer
GetFileType
GetStdHandle
HeapAlloc
RtlUnwind
RaiseException
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
ReadFile
SetHandleCount

user32

CharLowerA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68b160c5739531c6c80cf2680e67a7f7

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

wininet

kernel32

user32

version

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 30KB - Virtual size: 45KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 30KB - Virtual size: 45KB

.rsrc
Size: 512B - Virtual size: 16B