3f1c9acbee8aa881f6ff5016afe236ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f1c9acbee8aa881f6ff5016afe236ea_JaffaCakes118
Size

78KB
MD5

3f1c9acbee8aa881f6ff5016afe236ea
SHA1

d398a1ce11cb3bdb86e9e8de28fded755f13cd7e
SHA256

dd45ecbffc9899f770ebb2eec0d673b68c530702bd274d70502ba140b8cf13fd
SHA512

7e06060555d90f27f6499e37c9e4e177151a1d393123d52547cc406087a70bdcdf9bbeefddf166c7d5619f0f4bdff82df7c988a7ba7bf2edc7980ec84d0823e7
SSDEEP

1536:22i6KkcjR2XlrEXkIdysDAdbDDSxOkCXs5+hXGFQgHgnToIf9MIOQnQDM:+ySQlrUdysUD6uXs0/XTBf9CQnQDM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f1c9acbee8aa881f6ff5016afe236ea_JaffaCakes118

Files

3f1c9acbee8aa881f6ff5016afe236ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c43f5dbc66e512916816994c0389d79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
select
ioctlsocket
listen
bind
accept
inet_addr
htons
htonl
gethostbyname
getservbyname
recv
WSAGetLastError
shutdown
send
socket
connect
closesocket
WSAStartup
WSACleanup

wininet

InternetReadFile
InternetOpenUrlA
InternetGetConnectedState
InternetOpenA
InternetSetOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetGetLastResponseInfoA

shell32

ShellExecuteA
SHGetFolderPathA

kernel32

HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
InitializeCriticalSection
VirtualQuery
InterlockedExchange
LCMapStringW
LCMapStringA
RtlUnwind
GetLocaleInfoA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
lstrcpyA
lstrlenA
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
GetLastError
CreateProcessA
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
CloseHandle
GetTickCount
CreateMutexA
GetVersionExA
SystemTimeToFileTime
FileTimeToSystemTime
DeleteFileA
GetSystemTime
CreateFileA
CopyFileA
MoveFileA
MoveFileExA
GetTempFileNameA
lstrcmpA
GetSystemDirectoryA
GetModuleFileNameA
lstrcpynA
SetLastError
GetCurrentProcess
GetCurrentThread
WaitForSingleObject
WriteFile
TerminateProcess
OpenProcess
SetEndOfFile
SetFilePointer
ReadFile
GetWindowsDirectoryA
Process32Next
Process32First
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GetCPInfo
ExitThread
GetCurrentThreadId
CreateThread
GetStartupInfoA
GetCommandLineA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
UnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetACP
GetOEMCP
CreateDirectoryA

user32

MessageBoxA
wvsprintfA
CharUpperA
EnumWindows
GetClassNameA
GetWindowTextA
CharLowerA
SetTimer
KillTimer
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA

advapi32

RegEnumValueA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

ole32

CoCreateGuid

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.spdata
Size: 1024B - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c43f5dbc66e512916816994c0389d79

Headers

File Characteristics

Imports

ws2_32

wininet

shell32

kernel32

user32

advapi32

ole32

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 62KB

.spdata Size: 1024B - Virtual size: 793B

.rsrc Size: 512B - Virtual size: 144B

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 62KB

.spdata
Size: 1024B - Virtual size: 793B

.rsrc
Size: 512B - Virtual size: 144B