12b703642e2ed66fae729fdeab9a4cbf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12b703642e2ed66fae729fdeab9a4cbf_JaffaCakes118
Size

296KB
MD5

12b703642e2ed66fae729fdeab9a4cbf
SHA1

0e3e1f2cbf5f593fffa045fa9deccc2c024b5d16
SHA256

a76a881c350e5442a2f4adb5bf8f634f40dc26c29da1f3f060ae868c4669a5a4
SHA512

cec19687becba7f8c6a19415715d8ead78ca030ef0a11c5e86e5743c786f7025c962698d1d46e0ccc81f841ff84bfba5df2bb1a383f9f9c1d5843b3bd6d0271b
SSDEEP

3072:6U5SxLd6mdHGa3HxA6HZ5PabHLxrae/fLgqV39Yw1BM0tzZ+yIByWZgHR1BNBlE3:3msaBFZ1ajFl/fLgqh9O0D+yEZo7EOQd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12b703642e2ed66fae729fdeab9a4cbf_JaffaCakes118

Files

12b703642e2ed66fae729fdeab9a4cbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad28144e2023810c3cacaa612323c8de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
InitializeCriticalSection
DeleteCriticalSection
FindResourceExW
LockResource
SizeofResource
CreateFileW
lstrlenA
FindResourceW
MultiByteToWideChar
GetWindowsDirectoryW
CreateProcessW
GetVolumeInformationA
CreateToolhelp32Snapshot
ReadFile
GetFileTime
GetSystemDirectoryA
GetProcessHeap
GetFileSize
GetModuleFileNameA
GetVersionExA
GetTempPathA
Process32NextW
SetErrorMode
CreateProcessA
GetExitCodeThread
CreateThread
CreateEventW
TerminateThread
SetEvent
GetModuleFileNameW
WaitForMultipleObjects
FlushFileBuffers
SetFilePointer
SetStdHandle
GetACP
WideCharToMultiByte
Sleep
WaitForSingleObject
FormatMessageW
GetTickCount
HeapAlloc
EnterCriticalSection
LocalFree
LeaveCriticalSection
LoadResource
WriteFile
lstrlenW
HeapReAlloc
HeapFree
Process32FirstW
CloseHandle
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleMode
GetConsoleCP
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetExitCodeProcess
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
RaiseException
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
HeapDestroy
HeapSize
InterlockedIncrement
InterlockedDecrement
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GetLocalTime
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
GetStdHandle
GetFileAttributesW
SetHandleCount
GetFileType

user32

GetKeyboardState
GetActiveWindow
UnregisterClassA

advapi32

CloseServiceHandle
CreateServiceW
ChangeServiceConfig2W
StartServiceW
QueryServiceStatusEx
OpenSCManagerW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
StartServiceCtrlDispatcherW

ole32

StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromProgID

ws2_32

WSAEventSelect
WSAGetOverlappedResult
freeaddrinfo
WSAResetEvent
WSASend
getaddrinfo
WSAConnect
WSAEnumNetworkEvents
WSACreateEvent
WSASocketW
closesocket
WSAStartup
WSARecv
WSACloseEvent
WSACleanup
WSAGetLastError
WSASetEvent
WSASetLastError

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad28144e2023810c3cacaa612323c8de

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB