2ba0ade259fe2ae998296a18198de7ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ba0ade259fe2ae998296a18198de7ee_JaffaCakes118
Size

1.5MB
MD5

2ba0ade259fe2ae998296a18198de7ee
SHA1

889ed69ff160200baba07d0e43ef4ff8488308c3
SHA256

023e09436a205e3b5a1ba9ede022442ce7496ff1daca4d0720b9f0ae20ea709d
SHA512

84c29d1f446ee45ff422cee22ffcdc0e61825b3a9fb23a0b087ac7e35220ab28ffaee931ff4daa0cd1b600683ea5cd9fd9fa0c74dddc7e3fab363010c2b1208c
SSDEEP

24576:xI+7qmDjq5Y7YxaK0tTw5NJRNGa0GfwU8KafFofqf:V7qmDjlKeTw5XRJ0+wjnfaq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba0ade259fe2ae998296a18198de7ee_JaffaCakes118

Files

2ba0ade259fe2ae998296a18198de7ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb7e931510488c6705cb70970ee55262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

advapi32

RegOpenKeyExA
CryptGenRandom
RegCloseKey
RegEnumValueA
CryptAcquireContextA
CryptReleaseContext

ws2_32

getpeername
getservbyname
ntohs
WSAGetLastError
gethostbyname
shutdown
connect
WSACleanup
socket
inet_ntoa
ioctlsocket
htons
bind
listen
send
select
__WSAFDIsSet
accept
recv
closesocket
WSAStartup
inet_addr
gethostbyaddr
setsockopt

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

EnterCriticalSection
GetFullPathNameA
GetCurrentDirectoryA
GetDriveTypeA
GetLocaleInfoW
SetEndOfFile
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
SetEnvironmentVariableA
SetEnvironmentVariableW
FlushFileBuffers
RaiseException
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
Sleep
GetTickCount
DeleteFileA
CloseHandle
CreateProcessA
OpenProcess
GetCurrentProcessId
GetLastError
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateMutexA
MoveFileA
GetTempPathA
CreateThread
ExitThread
ReadFile
SetFilePointer
GetFileSize
CreateFileA
GetLocalTime
WriteFile
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentProcess
CreatePipe
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetTimeFormatA
GetDateFormatA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
TerminateProcess
GetLogicalDrives
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
LoadLibraryA
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
GetLocaleInfoA
GetVersionExA
GlobalAlloc
GlobalMemoryStatus
TerminateThread
SetNamedPipeHandleState
WaitNamedPipeA
SetEvent
OpenFileMappingA
OpenEventA
GetWindowsDirectoryA
WaitForMultipleObjects
InitializeCriticalSection
TlsAlloc
TlsFree
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
GetCurrentThreadId
InterlockedIncrement
CreateSemaphoreA
InterlockedDecrement
GetFileAttributesExA
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
SetStdHandle
GetFileType
SetLastError
GetCPInfo
GetACP
GetOEMCP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr

Sections

.text
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb7e931510488c6705cb70970ee55262

Headers

File Characteristics

Imports

user32

advapi32

ws2_32

version

kernel32

Sections

.text Size: 431KB - Virtual size: 431KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 1.1MB - Virtual size: 1.4MB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 431KB - Virtual size: 431KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 1.1MB - Virtual size: 1.4MB

.rsrc
Size: 5KB - Virtual size: 4KB