Static task: static1
Behavioral task: behavioral1
Sample: 2e07bfd80fd59d230369fca3ced8dee2_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 2e07bfd80fd59d230369fca3ced8dee2_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2e07bfd80fd59d230369fca3ced8dee2_JaffaCakes118
Size: 127KB
MD5: 2e07bfd80fd59d230369fca3ced8dee2
SHA1: c02f1d8f38e0385f9bd3a1a5535f7eada638eccd
SHA256: 02c391391e1962d9d7b3d774aa7874e9339ba7d6c50e6dfafa43a39ce8e45230
SHA512: 0aa2eaf5b5dc0da191e8d3aaaf3e82dbd4e7b54913504bf563c62631115c4830484b6f80806eed1c23fb05c6c712516b4e8ec46785e5e14821c346f0337136ca
SSDEEP: 3072:gB5ndVMDjS9yoLsEwFf5hS+YNCdJDdtUoC97ebJ:gLndU17EwFfK+YWEj97e9
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2e07bfd80fd59d230369fca3ced8dee2_JaffaCakes118
Files
2e07bfd80fd59d230369fca3ced8dee2_JaffaCakes118.exe windows:4 windows x86 arch:x86
ad801d0cb3ba8c4b23850dacb23134e6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetAddConnection2A
ws2_32
WSAStartup
setsockopt
ioctlsocket
bind
listen
WSACleanup
inet_addr
htons
connect
recv
closesocket
socket
send
select
__WSAFDIsSet
accept
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GlobalMemoryStatus
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
Sleep
ReadFile
CloseHandle
WriteFile
TransactNamedPipe
CreateFileA
WaitForSingleObject
GetLastError
CreateEventA
GetModuleFileNameA
ExitThread
CreateThread
GetSystemDirectoryA
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryA
GetProcAddress
GetModuleHandleA
FormatMessageA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
CreateProcessA
ExpandEnvironmentStringsA
SetFileAttributesA
GetFileAttributesA
GetTempPathA
GetVersionExA
CopyFileA
GetTimeFormatA
GetDateFormatA
GetLocalTime
ExitProcess
DeleteFileA
OpenProcess
GetCurrentProcessId
CreateMutexA
lstrcmpiA
GetCurrentProcess
TerminateProcess
GetLocaleInfoA
TerminateThread
HeapAlloc
HeapFree
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RaiseException
HeapSize
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
WideCharToMultiByte
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE