1738c954498197f11643a116ee205d80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1738c954498197f11643a116ee205d80_JaffaCakes118
Size

74KB
MD5

1738c954498197f11643a116ee205d80
SHA1

03d9a95b596a50bac66809100b6978bc24a1ef6d
SHA256

c958636343a260928f5e3391934b6b5a4c0f751ceecd27940a7670d38fac6df4
SHA512

2f173a1eb37f976675443ae465c29691bd46bac7c92fbd71baa8b4d2a86dba6feca03e74f1c96b35c8c8dc41fc85f3b83b23f5cd663e770dbecff55ce046e237
SSDEEP

1536:25tCsYvd9c6EaCKWEvE+EUFEVNoWEorbJjtu2u9qMx7m:vCKWEvE+ENUborbJjtAqMx7m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1738c954498197f11643a116ee205d80_JaffaCakes118

Files

1738c954498197f11643a116ee205d80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

412b8bb02c1d9f8ada7e6c8c823122db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

shutdown
inet_ntoa
ntohl
htonl
ioctlsocket
setsockopt
bind
listen
accept
getsockname
inet_addr
gethostbyname
select
WSAStartup
WSACleanup
htons
socket
connect
send
closesocket
recv

user32

CharLowerA

advapi32

ControlService
CreateServiceA
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfig2A
UnlockServiceDatabase
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
DeleteService

shell32

SHGetFolderPathA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

SetFilePointer
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
CreateProcessA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
CloseHandle
GetCurrentProcess
FindClose
FindFirstFileA
Process32Next
DeleteFileA
SetFileAttributesA
TerminateProcess
OpenProcess
lstrcmpiA
Sleep
Process32First
CreateToolhelp32Snapshot
GetWindowsDirectoryA
GetSystemDirectoryA
ExitThread
ExitProcess
GetTempPathA
ReleaseMutex
GetTickCount
CreateMutexA
GetLastError
CreateDirectoryA
GetModuleFileNameA
GetModuleHandleA
OpenMutexA
SetErrorMode
CopyFileA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
SetFileTime
GetFileTime
CreateFileA
SetEvent
LocalFree
LocalAlloc
TerminateThread
WaitForSingleObject
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
WriteFile
ReadFile

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

412b8bb02c1d9f8ada7e6c8c823122db

Headers

File Characteristics

Imports

ws2_32

user32

advapi32

shell32

version

kernel32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 31KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 31KB