30474cba55f34975bea930d45526e8d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30474cba55f34975bea930d45526e8d0_JaffaCakes118
Size

152KB
MD5

30474cba55f34975bea930d45526e8d0
SHA1

222e4c1d13ea4d9b44d53b66bff91198540d2b58
SHA256

7cda66dd8872e54bce5f8af782e87f60bc2b2251191f26e5d83b15733ac7e8be
SHA512

cc2ca95b8ac339a5299bbbd9ddd65a3b3fa9a4b507a8f6a32d0abd4f3b28e5c9e54231216737f84c9ceb5461c4ff6526b77e4052bbc49028b9cf52136eb7b41a
SSDEEP

3072:upGWWFpaTaUz1J1VwjMLSbYwybi12uRphAek027LJ5omxyt6gvNhWJk//ItYko:QLaUf1VwjNbZWi12Mp+ekR7LJ5xxyt6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30474cba55f34975bea930d45526e8d0_JaffaCakes118

Files

30474cba55f34975bea930d45526e8d0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

68af7f2597b61e1a0cc00826742ef27a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

winmm

ord2
mciSendCommandA

advapi32

AdjustTokenPrivileges
CloseServiceHandle
ControlService
DeleteService
GetUserNameA
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
SetServiceStatus
StartServiceCtrlDispatcherA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
SelectObject

user32

CharUpperA
EnumChildWindows
EnumWindows
ExitWindowsEx
GetClassNameA
GetDesktopWindow
GetForegroundWindow
GetSysColor
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
GetWindow
IsIconic
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
MapVirtualKeyA
MessageBoxA
ReleaseDC
SendMessageA
SetSysColors
SetWindowTextA
SystemParametersInfoA
keybd_event
wsprintfA
wvsprintfA

kernel32

CloseHandle
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeLibrary
GetCommandLineA
GetComputerNameA
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
GetDriveTypeA
GetFileAttributesA
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetLogicalDriveStringsA
GetModuleHandleA
GetPriorityClass
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
MoveFileA
OpenEventA
OpenProcess
ReadFile
ReleaseMutex
RemoveDirectoryA
RtlMoveMemory
RtlUnwind
RtlZeroMemory
SetComputerNameA
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetLocalTime
SetPriorityClass
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
WaitForMultipleObjects
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

wsock32

WSAGetLastError
gethostbyname
gethostname
htonl
ntohl
setsockopt
bind
socket
ntohs
getsockname
htons
sendto
send
recvfrom
recv
connect
accept
listen
closesocket
WSACleanup
WSAStartup

mpr

WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA

Sections

AUTO
Size: 74KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 22KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 10KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68af7f2597b61e1a0cc00826742ef27a

Headers

File Characteristics

Imports

shell32

winmm

advapi32

gdi32

user32

kernel32

wsock32

mpr

Sections

AUTO Size: 74KB - Virtual size:

.idata Size: 4KB - Virtual size:

DGROUP Size: 22KB - Virtual size:

.bss Size: 10KB - Virtual size:

.reloc Size: 7KB - Virtual size:

.rsrc Size: 39KB - Virtual size:

AUTO
Size: 74KB - Virtual size:

.idata
Size: 4KB - Virtual size:

DGROUP
Size: 22KB - Virtual size:

.bss
Size: 10KB - Virtual size:

.reloc
Size: 7KB - Virtual size:

.rsrc
Size: 39KB - Virtual size: