3afb159f672a300138f9c73dc26f51ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3afb159f672a300138f9c73dc26f51ae_JaffaCakes118
Size

161KB
MD5

3afb159f672a300138f9c73dc26f51ae
SHA1

da3fa1504afc0f94f800eb7923315bbeb435081b
SHA256

ef6d81249e7fa5216127a3660ad4492fd31a3be3d26cfc0c3f4a5aeb982288cc
SHA512

3e179eca54aec01719c5f95317596fd4d5eae3f4eba4df8e1346beef86a2282e574e02f3551d8695fdbd909203f503a4aa141fb785fcfde8e7567b06a40cd0b1
SSDEEP

3072:usgDczIQAAwA+26Xw36Eo8tSsODgwkSE+GdkRwJRktyZ678Pq:uV0wA+26XwpSCjviRG28Pq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3afb159f672a300138f9c73dc26f51ae_JaffaCakes118

Files

3afb159f672a300138f9c73dc26f51ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f587c34881c242e8ca4639fcd94b447

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
setsockopt
ioctlsocket
htons
bind
listen
select
__WSAFDIsSet
accept
recv
socket
connect
send
closesocket
inet_addr

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

PeekNamedPipe
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
Sleep
WriteFile
WaitForSingleObject
GetLastError
CreateEventA
CloseHandle
ReadFile
CreateFileA
CopyFileA
MultiByteToWideChar
WideCharToMultiByte
ExitThread
DeleteFileA
CreateProcessA
OpenProcess
GetCurrentProcessId
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
ExitProcess
CreateMutexA
GetTickCount
MoveFileA
GetTempPathA
CreateThread
SetFilePointer
GetFileSize
GetLocalTime
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
GetExitCodeProcess
DuplicateHandle
GetCurrentProcess
CreatePipe
GetComputerNameA
GetTimeFormatA
GetDateFormatA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
TerminateProcess
GetLogicalDrives
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryA
GetProcAddress
GetLocaleInfoA
GetVersionExA
GlobalMemoryStatus
TerminateThread
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RaiseException
GetCPInfo

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f587c34881c242e8ca4639fcd94b447

Headers

File Characteristics

Imports

ws2_32

version

kernel32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 45KB - Virtual size: 356KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 45KB - Virtual size: 356KB