53cad7f0008c3723a2033cc61e0289f6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

53cad7f0008c3723a2033cc61e0289f6_JaffaCakes118
Size

48KB
MD5

53cad7f0008c3723a2033cc61e0289f6
SHA1

6d2bd54b745a5796eee5c35e383f96ffa2f350be
SHA256

e2177184b6edd3020fd3e574d04f552efe30b9561cd3341c4e0399afe7de4f86
SHA512

1d07dbb3ed59df65fb32ced628e7759a9887641d9abaa8010a46c79dc8edca6db7de8dd36e8b34fa2a5d392edfcc0c210827496dbf970ccc0a8b8aafa5ec4adf
SSDEEP

768:NrUbISozROqagGHv+rTWFJUa6rg1NXlHzEoU:tjlhapHv+rTWFJ36SLgoU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53cad7f0008c3723a2033cc61e0289f6_JaffaCakes118

Files

53cad7f0008c3723a2033cc61e0289f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92ccb57fb955624e6900e7f5b38d1389

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetDriveTypeA
lstrcpynA
GetLogicalDriveStringsA
CloseHandle
CreateProcessA
ReadFile
SetFilePointer
GetFileSize
CreateFileA
WriteFile
DeleteFileA
CopyFileA
WaitForSingleObject
GetVersion
GetTempFileNameA
GetWindowsDirectoryA
UnmapViewOfFile
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
SetCurrentDirectoryA
SetFileTime
GetFileTime
GetProcAddress
LoadLibraryA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetDiskFreeSpaceA
GetShortPathNameA
CreateThread
Sleep
CreateEventA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
lstrlenA
GetCurrentDirectoryA
lstrcatA
FindFirstFileA
FindNextFileA
GetLastError
FindClose
FileTimeToLocalFileTime
GetEnvironmentVariableA
lstrcpyA
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

user32

wsprintfA

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

oleaut32

SysStringLen
SysFreeString
SysAllocString

shlwapi

StrToIntA
StrChrA
StrRChrA
StrStrA

ws2_32

recv
closesocket
WSAGetLastError
inet_ntoa
gethostbyname
gethostname
WSAStartup
connect
inet_addr
htons
socket
setsockopt
send
WSACleanup

advapi32

OpenServiceA
StartServiceA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA
OpenSCManagerA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92ccb57fb955624e6900e7f5b38d1389

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

shlwapi

ws2_32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 1KB