Static task: static1

Behavioral task: behavioral1
Sample: 1751827a8ccdf92ff3a5243ba42797b9_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: 1751827a8ccdf92ff3a5243ba42797b9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 1751827a8ccdf92ff3a5243ba42797b9_JaffaCakes118
Size: 340KB
MD5: 1751827a8ccdf92ff3a5243ba42797b9
SHA1: 41b5abd7bfcdadd03b6a856e7459a6e32bcfb437
SHA256: 6cfc9d8b846e33530c9f6474984c423e93e7ce8733c20148ccbf0a36a3a6d846
SHA512: 78d3c7fdc48db1161fbf22b6e4640dc89315d9558765192d379ccb776b49c39037bfb7ff7056c28b0c0b86e97b67aaea67380d3ee12c1f988ba26f36e4524cb1
SSDEEP: 6144:3y28n242+loxBOreMvfu7GDUt3oatnsJzoVgVtTBIG5Q9:3y28n242Uffu7XpoatENVtTCG5e
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1751827a8ccdf92ff3a5243ba42797b9_JaffaCakes118
Files
1751827a8ccdf92ff3a5243ba42797b9_JaffaCakes118.exe windows:4 windows x86 arch:x86
d2a897b20b2b14924f23b0b9d4d20952
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
WSAStartup
socket
closesocket
getsockname
send
select
recv
shutdown
gethostbyname
ioctlsocket
htons
connect
WSACleanup
kernel32
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
CreateMutexA
Sleep
GetTickCount
CopyFileA
MoveFileA
DeleteFileA
GetComputerNameExA
GetCurrentThreadId
ConnectNamedPipe
CreateNamedPipeA
GetTempFileNameA
FindClose
FindNextFileA
FindFirstFileA
CompareFileTime
GetDiskFreeSpaceExA
InterlockedExchange
InterlockedExchangeAdd
GetWindowsDirectoryA
GetSystemDirectoryA
MoveFileExA
OpenProcess
GetCurrentProcess
QueryDosDeviceW
GetProcessHeap
GetVersionExA
WideCharToMultiByte
RemoveDirectoryA
lstrcmpA
lstrlenA
MultiByteToWideChar
GetFileSize
CreateDirectoryA
SetEndOfFile
FlushFileBuffers
GetProcAddress
GetModuleHandleA
GetSystemTimeAdjustment
GetSystemTime
VirtualProtect
LeaveCriticalSection
EnterCriticalSection
GetMailslotInfo
CreateMailslotA
GetComputerNameA
LoadLibraryA
SetLastError
GlobalAlloc
GlobalFree
GetLongPathNameW
DeviceIoControl
CreateFileA
ReleaseMutex
ResetEvent
SetEnvironmentVariableA
CreateThread
GetModuleFileNameA
SetFilePointer
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
GetOverlappedResult
CloseHandle
DisconnectNamedPipe
InitializeCriticalSection
WaitForSingleObject
SetEvent
CreateEventA
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
CompareStringA
CompareStringW
HeapAlloc
GetCurrentDirectoryA
GetFullPathNameA
GetStringTypeW
GetStringTypeA
TlsGetValue
TlsAlloc
InterlockedDecrement
InterlockedIncrement
HeapFree
GetTimeZoneInformation
GetLocalTime
GetCommandLineA
GetVersion
ExitProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
HeapReAlloc
RtlUnwind
DeleteCriticalSection
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsSetValue
advapi32
RegCloseKey
OpenServiceA
OpenSCManagerA
LockServiceDatabase
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
DeleteService
UnlockServiceDatabase
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
LookupAccountSidW
EqualSid
LookupAccountNameW
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
FreeSid
GetKernelObjectSecurity
GetSecurityDescriptorDacl
SetKernelObjectSecurity
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegQueryValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegisterServiceCtrlHandlerExA
SetServiceStatus
StartServiceCtrlDispatcherA
shlwapi
SHDeleteKeyA
PathAppendA
ole32
CoCreateInstance
CoInitialize
psapi
GetModuleFileNameExW
Sections
.text Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE