0b8202c12adbed139477427b4be69e06_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0b8202c12adbed139477427b4be69e06_JaffaCakes118
Size

258KB
MD5

0b8202c12adbed139477427b4be69e06
SHA1

1b39340c2b760e2b3161717037191ef023183403
SHA256

65872175b0083d4f69c77c74b58cfd9e99c1a8073853055b8190d4d87595ce1b
SHA512

395b9a890053ab3b78867b784509f3ae1b549f3fd0e4e59fdace6bbead5d0dc292eaec91fd89e49fb42cc3cc88d168a2e741c1fc1630e9b58b0ffcaec4fb0c31
SSDEEP

6144:SyqIDbw+NoziFRZLob+lBpdgEA1fmd4qgvSg2nH:FqID/PZLob+lBpdXYmSq+STH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b8202c12adbed139477427b4be69e06_JaffaCakes118

Files

0b8202c12adbed139477427b4be69e06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69a13c815b27c3c264a4065ee441bf7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getservbyport
gethostbyname
WSASetLastError
ioctlsocket
WSACleanup
listen
htonl
WSAGetLastError
socket
recv
getsockopt
closesocket
connect
select
accept
getservbyname
ntohs
__WSAFDIsSet
htons
inet_addr
getsockname
bind
WSAStartup
inet_ntoa
send
gethostbyaddr

user32

LoadStringA

advapi32

OpenThreadToken
RegOpenKeyExA
RegCloseKey
GetUserNameA
GetTokenInformation
RegQueryValueExA

wininet

DetectAutoProxyUrl

kernel32

CreateMutexW
CreateDirectoryA
SetUnhandledExceptionFilter
GetStringTypeExA
FindNextFileW
IsDebuggerPresent
FindClose
GetSystemTimeAsFileTime
FormatMessageW
GlobalFree
GetModuleHandleW
CreateFileW
FindFirstFileW
GetTempPathW
CloseHandle
GetTempFileNameW
ReleaseMutex
GetCurrentThreadId
GetCurrentDirectoryA
LCMapStringA
LocalFree
GetUserDefaultLCID
GetFileSize
WaitForSingleObject
CreateDirectoryW
GetSystemDirectoryA
FindNextFileA
FreeLibrary
FindFirstFileA
UnhandledExceptionFilter
CreateThread
VirtualAllocEx

ole32

CoTaskMemFree

shlwapi

PathIsRootA
UrlIsOpaqueA
PathFileExistsW
PathUnExpandEnvStringsW
SHEnumKeyExA
wvnsprintfA
SHRegGetBoolUSValueA
PathGetDriveNumberW
SHRegOpenUSKeyA
StrToInt64ExW
PathIsUNCA
SHEnumKeyExW
PathRemoveBlanksW
StrCpyW
PathStripPathA
SHRegOpenUSKeyW
UrlGetLocationW
PathUnquoteSpacesW
PathCompactPathA
StrChrIA
PathRemoveFileSpecW
PathRemoveBackslashA
SHDeleteValueW
StrCmpNIA
PathFindSuffixArrayW
PathParseIconLocationA
SHDeleteOrphanKeyW
PathIsContentTypeA
PathAddBackslashA
UrlEscapeA

msvidc32

DriverProc

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nArKE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EidghC
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zMUtSyu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BkBuz
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bMdnwX
Size: 1024B - Virtual size: 855B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UKlwzpc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YEGEfQd
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 214KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bJSP
Size: 512B - Virtual size: 427B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NzDSm
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yYxo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oDFQhQ
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69a13c815b27c3c264a4065ee441bf7b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

user32

advapi32

wininet

kernel32

ole32

shlwapi

msvidc32

Sections

.text Size: 19KB - Virtual size: 19KB

.nArKE Size: 3KB - Virtual size: 2KB

.EidghC Size: 2KB - Virtual size: 1KB

.zMUtSyu Size: 1KB - Virtual size: 1KB

.BkBuz Size: 2KB - Virtual size: 2KB

.bMdnwX Size: 1024B - Virtual size: 855B

.rdata Size: 2KB - Virtual size: 2KB

.UKlwzpc Size: 1KB - Virtual size: 1KB

.YEGEfQd Size: 1024B - Virtual size: 880B

.data Size: 214KB - Virtual size: 1.1MB

.rsrc Size: 3KB - Virtual size: 2KB

.bJSP Size: 512B - Virtual size: 427B

.NzDSm Size: 2KB - Virtual size: 1KB

.yYxo Size: 1KB - Virtual size: 1KB

.oDFQhQ Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 19KB

.nArKE
Size: 3KB - Virtual size: 2KB

.EidghC
Size: 2KB - Virtual size: 1KB

.zMUtSyu
Size: 1KB - Virtual size: 1KB

.BkBuz
Size: 2KB - Virtual size: 2KB

.bMdnwX
Size: 1024B - Virtual size: 855B

.rdata
Size: 2KB - Virtual size: 2KB

.UKlwzpc
Size: 1KB - Virtual size: 1KB

.YEGEfQd
Size: 1024B - Virtual size: 880B

.data
Size: 214KB - Virtual size: 1.1MB

.rsrc
Size: 3KB - Virtual size: 2KB

.bJSP
Size: 512B - Virtual size: 427B

.NzDSm
Size: 2KB - Virtual size: 1KB

.yYxo
Size: 1KB - Virtual size: 1KB

.oDFQhQ
Size: 1KB - Virtual size: 1KB