127b75c728a79713a99ba55d5d602f58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

127b75c728a79713a99ba55d5d602f58_JaffaCakes118
Size

77KB
MD5

127b75c728a79713a99ba55d5d602f58
SHA1

3addd23fc9f2d4cd55ada3553984022f88fc0c9d
SHA256

434608a171815e0e29d23438a110766f1644aaeb0bf7bd3562a399e2369bca28
SHA512

215bf4e429da516a8e6187cbf2576e367b0bb4fb6ef879e893558b7b0f6609da10ea94c5e72f61415c1576473f983d15b13d2b7cc480ec83ff2881431f3169dc
SSDEEP

1536:UHDoJakimtw/Wyh1rU+33c6ad6kdIXRQFaN2+sr3N+z1cySL030Ax2L53V:U2a/p/VbrM6ad6FXKAN2y1ch0k3FV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe

Files

127b75c728a79713a99ba55d5d602f58_JaffaCakes118
.rar
Setup.exe
.exe windows:4 windows x86 arch:x86

04d883093c57b548c2706560eef9163f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcess
LocalFree
FormatMessageA
ExitProcess
CreateMutexA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
ReadFile
GetFileAttributesA
DeleteFileA
GetFileSize
Process32First
CreateToolhelp32Snapshot
CopyFileA
GetModuleFileNameA
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
GetSystemDirectoryA
lstrcmpiA
FreeResource
TerminateThread
CreateProcessA
WaitForSingleObject
FindResourceA
SizeofResource
LoadResource
GlobalAlloc
LockResource
HeapAlloc
GlobalFree
WriteFile
lstrlenA
GetTempPathA
WinExec
lstrcpyA
GetSystemInfo
CreateThread
CloseHandle
CreateFileA
Sleep
DeviceIoControl
GetTickCount
lstrcatA
LoadLibraryA
GetProcAddress
Process32Next
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
HeapReAlloc
VirtualAlloc
SetFilePointer
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
RtlUnwind
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
LCMapStringW

user32

PostMessageA
FindWindowA
FindWindowExA
wsprintfA

advapi32

RegSetValueExA
CreateServiceA
StartServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegFlushKey
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

WSAGetLastError
setsockopt
gethostname
sendto
WSACleanup
WSAStartup
WSASocketA
socket
htons
connect
closesocket
inet_addr
gethostbyname
send
WSAIoctl
recv
__WSAFDIsSet
select
htonl

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d883093c57b548c2706560eef9163f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 140KB - Virtual size: 136KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 140KB - Virtual size: 136KB