0a2750f0ed52e581bd4339fa4b240b5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a2750f0ed52e581bd4339fa4b240b5e_JaffaCakes118
Size

536KB
MD5

0a2750f0ed52e581bd4339fa4b240b5e
SHA1

d50576ebca42a9565ad34d467af43717a2bb69e2
SHA256

bb94c2cb555c567eb0090e50b7c3a1d166d5ab2074b2c8feb02995d0aa6d7bd5
SHA512

a9629b494572d3e6c8e66ae48f101ae8e1635f8145037a68a27cb76aa8e9ba488afe9e742b02eb253818fbff9593ac278da7cb11a88b5a053cc8ef6cdeb55e8d
SSDEEP

12288:gMMnMMMMMUAIIXH0Gsy/tPMrSuQ2p9qBEPD/2Hj3f0rKCYDuZUoz:gMMnMMMMM75XRP/tkZQ2zqBEPSHzf0uc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a2750f0ed52e581bd4339fa4b240b5e_JaffaCakes118

Files

0a2750f0ed52e581bd4339fa4b240b5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8debee04dbae819ca82d4c1e05ff6288

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getnameinfo
getaddrinfo
WSALookupServiceEnd
freeaddrinfo
WSASendTo
WSAEventSelect
WSAStringToAddressA
WSASocketW
WSAIoctl
WSAAddressToStringW
WSALookupServiceNextW
WSALookupServiceBeginW
WSAAddressToStringA
WSARecvFrom

mswsock

AcceptEx
GetAcceptExSockaddrs

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx

kernel32

ChangeTimerQueueTimer
TerminateProcess
ReadFile
GetCurrentThreadId
EnterCriticalSection
QueueUserWorkItem
ReleaseMutex
CreateFileW
Sleep
GetComputerNameExW
FreeLibrary
GetSystemTimeAsFileTime
WriteFile
BindIoCompletionCallback
CreateTimerQueueTimer
InterlockedIncrement
GetTickCount
HeapDestroy
DeviceIoControl
CloseHandle
UnregisterWait
DeleteTimerQueueTimer
HeapFree
VirtualAlloc
MultiByteToWideChar
GetCurrentProcess
LeaveCriticalSection
UnhandledExceptionFilter
HeapAlloc
CreateMutexW
UnregisterWaitEx
SetEvent
CreateMutexA
SetUnhandledExceptionFilter
WaitForSingleObject
InitializeCriticalSection
CreateTimerQueue
SetLastError
GetLastError
DisableThreadLibraryCalls
CreateEventW
HeapCreate
RegisterWaitForSingleObject
GetProcAddress
InterlockedExchange
ExpandEnvironmentStringsW
HeapReAlloc
InterlockedDecrement
QueryPerformanceCounter
LoadLibraryW
DeleteTimerQueue
GetCurrentProcessId

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegisterServiceCtrlHandlerW
CryptAcquireContextW
SetServiceStatus
RegEnumValueW
CryptGenRandom
CryptReleaseContext

ntdll

NtWaitForDebugEvent
RtlAdjustPrivilege
RtlInitUnicodeString

ddraw

DirectDrawCreate

dnsapi

DnsReplaceRecordSetW

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo
NotifyAddrChange
NotifyRouteChange

msvcrt

memcpy
malloc
wcscpy
wcschr
_adjust_fdiv
wcslen
swprintf
wcscmp
wcscat
_initterm
_wcsicmp
memcmp
memset
_except_handler3
memmove
strlen
free
wcsncpy

Sections

.text
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8debee04dbae819ca82d4c1e05ff6288

Headers

File Characteristics

Imports

ws2_32

mswsock

ole32

kernel32

advapi32

ntdll

ddraw

dnsapi

iphlpapi

msvcrt

Sections

.text Size: 4KB - Virtual size: 896B

.rsrc Size: 472KB - Virtual size: 470KB

.data Size: 20KB - Virtual size: 2.0MB

.reloc Size: 4KB - Virtual size: 64B

.rdata Size: 28KB - Virtual size: 24KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 4KB - Virtual size: 896B

.rsrc
Size: 472KB - Virtual size: 470KB

.data
Size: 20KB - Virtual size: 2.0MB

.reloc
Size: 4KB - Virtual size: 64B

.rdata
Size: 28KB - Virtual size: 24KB

.idata
Size: 4KB - Virtual size: 3KB