140cb5bb71946d410e8138f004e8e232_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140cb5bb71946d410e8138f004e8e232_JaffaCakes118
Size

484KB
MD5

140cb5bb71946d410e8138f004e8e232
SHA1

4c3aceb9f00b5c1e91fda5a1bdb7326a05a4a9e8
SHA256

a84f648064d2013f4b3e6732cd648abac92e870d42e34dc6ed56947f3239c977
SHA512

7a483dacb63a31870f95bbc0e13281a11acafe9b86eb53f4b8d6bb9c4132852ec0f836dc3333351ad3bc626d969c32274fb64d2f3a2761a8948a71422d9e4adf
SSDEEP

12288:GrVJXKtCEqm193/poAdqWjmVRrZLI0J9FSXOtt5:GrVdel7qVRrZLIyFeOtt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140cb5bb71946d410e8138f004e8e232_JaffaCakes118

Files

140cb5bb71946d410e8138f004e8e232_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12aaabf9d930044b99ca319381363ee2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACloseEvent
ntohl
WSAGetLastError
send
WSAEventSelect
WSACreateEvent
WSASocketA
WSAJoinLeaf
getpeername
WSAStartup
gethostname
inet_ntoa
ioctlsocket
getsockopt
select
__WSAFDIsSet
inet_addr
gethostbyname
ntohs
recvfrom
sendto
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
htonl
connect
recv
setsockopt
socket
htons
bind
listen
closesocket

advapi32

RegCloseKey
DeleteService
ControlService
OpenServiceA
StartServiceA
QueryServiceStatus
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegOpenKeyA

ole32

CoInitialize
CoCreateGuid
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
SysAllocString
VariantClear
SysFreeString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
GetCPInfo
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetModuleHandleA
GetACP
GetOEMCP
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
InterlockedExchange
HeapCreate
MoveFileA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapAlloc
GetStdHandle
SetHandleCount
SetEndOfFile
SetStdHandle
SetLastError
TlsAlloc
GetCurrentThreadId
HeapFree
GetVersion
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MoveFileExA
Sleep
MultiByteToWideChar
CreateEventA
CloseHandle
SetEvent
GetTickCount
WaitForSingleObject
InterlockedIncrement
GetTempPathA
GetPrivateProfileStringA
WritePrivateProfileStringA
InterlockedDecrement
QueryPerformanceCounter
GetSystemTime
CopyFileA
CreateSemaphoreA
OpenSemaphoreA
GetModuleFileNameA
LocalFree
LocalAlloc
GetSystemDirectoryA
GetVersionExA
GetProcAddress
LoadLibraryA
GetLocalTime
WideCharToMultiByte
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
GetDiskFreeSpaceExA
GetLastError
GetLogicalDriveStringsA
TerminateProcess
ReadFile
PeekNamedPipe
GetWindowsDirectoryA
GetStartupInfoA
CreatePipe
lstrlenA
RtlUnwind
GetFileType
CreateFileA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetFilePointer
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetTimeZoneInformation
GetSystemTimeAsFileTime
RaiseException
ExitProcess
GetCurrentProcess

Sections

.text
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12aaabf9d930044b99ca319381363ee2

Headers

File Characteristics

Imports

ws2_32

advapi32

ole32

oleaut32

version

kernel32

Sections

.text Size: 364KB - Virtual size: 361KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 52KB - Virtual size: 77KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 364KB - Virtual size: 361KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 52KB - Virtual size: 77KB

.rsrc
Size: 36KB - Virtual size: 34KB