0e045762c9586bef4f6846e9bd4e0c30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e045762c9586bef4f6846e9bd4e0c30_JaffaCakes118
Size

1.0MB
MD5

0e045762c9586bef4f6846e9bd4e0c30
SHA1

376f5f747afd35b45b61fbb578f8a481ba9f027b
SHA256

7b996fc47067e455465327b877e0d4e6a7e1fb7835abffd8e90701a7eaddf5ab
SHA512

09f402c4abaa04601ffd103ec5de2ad257d269394e55245f987e4b743205552336ffb50d64c71726ace951084fe11e981bc7fe64ab492db15f7f4c9545543616
SSDEEP

24576:KjQ6UitLxfdjs3c0nH06AbNtdZxjl7uRBFECN79mPUsVbaPqdQLQMkF:YJ3s3jPkdZxjl76W+93sVbaB3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e045762c9586bef4f6846e9bd4e0c30_JaffaCakes118

Files

0e045762c9586bef4f6846e9bd4e0c30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2f7c8c674f26c73cbd8584915efcff5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
select
connect
recv
send
WSAStartup
WSAGetLastError
WSACleanup
ioctlsocket
inet_addr
gethostbyaddr
gethostbyname
gethostname
setsockopt
closesocket
getservbyname
getprotobyname
socket
bind
listen
getsockname
accept
ntohs
htons
inet_ntoa
htonl
ntohl

kernel32

GetCurrentDirectoryW
TerminateProcess
SetConsoleCtrlHandler
SetConsoleTitleA
GetWindowsDirectoryA
CloseHandle
GetLastError
CreateProcessW
GetCommandLineW
CreateProcessA
GetCommandLineA
GetStartupInfoW
GetStartupInfoA
GetVersion
FreeLibrary
GetProcAddress
LoadLibraryA
SetFileAttributesA
GetCurrentDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
SetCurrentDirectoryA
SystemTimeToFileTime
GetLocalTime
GetStdHandle
GetVersionExA
WaitForSingleObject
GenerateConsoleCtrlEvent
WaitForMultipleObjects
SetEnvironmentVariableA
AllocConsole
CreateEventA
SetEvent
GetExitCodeProcess
SetErrorMode
SetHandleInformation
Sleep
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentVariableA
GetEnvironmentVariableW
GetTickCount
GetProcessTimes
GetCurrentProcess
FindFirstFileW
FindNextFileW
ReleaseMutex
CreateMutexA
GetModuleHandleA
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
SetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateFileA
ReadFile
WriteFile
DeviceIoControl
HeapAlloc
ExitProcess
GetTimeZoneInformation
GetSystemTime
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
GetFileAttributesA
GetFullPathNameA
HeapFree
HeapReAlloc
GetCurrentProcessId
ResumeThread
CreateThread
TlsSetValue
ExitThread
InterlockedIncrement
GetFileType
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
MoveFileA
MoveFileW
GetFileAttributesW
DeleteFileW
DuplicateHandle
HeapDestroy
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
SetHandleCount
SetFilePointer
UnhandledExceptionFilter
GetCurrentThreadId
TlsAlloc
TlsGetValue
RtlUnwind
SetStdHandle
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableW
LCMapStringA
LCMapStringW
SetEndOfFile
GetFullPathNameW
CreatePipe
HeapSize
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
InterlockedDecrement

user32

DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetClientRect
MessageBoxA
GetActiveWindow
GetSystemMetrics
EnableWindow
GetWindowRect
GetDlgItem
SendMessageA
GetWindowLongA
MessageBeep
SetDlgItemTextA
GetDlgItemTextW
GetDlgItemTextA
EndDialog
GetParent
GetFocus
SetFocus
SetWindowTextA
ShowWindow
MoveWindow
ScreenToClient

advapi32

RegCreateKeyExA
StartServiceCtrlDispatcherA
RegEnumKeyExA
GetUserNameW
GetUserNameA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegEnumValueA
SetServiceStatus
RegDeleteValueA
ReportEventA
DeregisterEventSource
RegisterEventSourceA
RegQueryValueExA
RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegCloseKey

netapi32

Netbios

comctl32

ord17

comdlg32

GetOpenFileNameA

Sections

.text
Size: 768KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2f7c8c674f26c73cbd8584915efcff5

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

netapi32

comctl32

comdlg32

Sections

.text Size: 768KB - Virtual size: 766KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 68KB - Virtual size: 132KB

_TEXT_HA Size: 68KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 928B

.text
Size: 768KB - Virtual size: 766KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 68KB - Virtual size: 132KB

_TEXT_HA
Size: 68KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 928B