JaffaCakes118_e27819dd1edc7c28dff57bee42a2ed5b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_e27819dd1edc7c28dff57bee42a2ed5b
Size

296KB
MD5

e27819dd1edc7c28dff57bee42a2ed5b
SHA1

1875567493f461ae930b291081f540224b51a3e2
SHA256

9cdf9a56c1a04198a317f403e25c037179b58b089c80d4f24ae935c35766ae04
SHA512

b03c7a29e8b93a912ef353dc42b274d1028246dd6f12359c03339a702d512d2c832588b5783b89ebd651fa80c914a1200ab5670b7ef084763044f0ab71ac6906
SSDEEP

3072:g0HO6umvaqQwU+aTPPDNBLPIzH1MVZbQxrPdNIe5m4HMAgAfH6dtgfBt8DtQTwnw:9BQmQzLgzS7ut5m4dgnwfByQTwCnDWy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e27819dd1edc7c28dff57bee42a2ed5b

Files

JaffaCakes118_e27819dd1edc7c28dff57bee42a2ed5b
.exe windows:4 windows x86 arch:x86

2b86d74566ce8dbe2b24359cf8f6d994

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapReAlloc
lstrlenW
WriteFile
LoadResource
LeaveCriticalSection
LocalFree
EnterCriticalSection
GetTickCount
GetVolumeInformationA
GetACP
CreateToolhelp32Snapshot
ReadFile
GetFileTime
GetSystemDirectoryA
Process32FirstW
GetFileSize
CloseHandle
GetVersionExA
GetTempPathA
Process32NextW
SetErrorMode
CreateProcessA
GetWindowsDirectoryW
CreateProcessW
GetExitCodeThread
CreateThread
CreateEventW
TerminateThread
SetEvent
GetModuleFileNameW
WaitForMultipleObjects
FlushFileBuffers
SetFilePointer
SetStdHandle
FindResourceW
lstrlenA
MultiByteToWideChar
CreateFileW
SizeofResource
FindResourceExW
LockResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
GetProcessHeap
WideCharToMultiByte
WaitForSingleObject
Sleep
FormatMessageW
GetModuleFileNameA
HeapAlloc
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleMode
GetConsoleCP
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetExitCodeProcess
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
HeapDestroy
HeapSize
RaiseException
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GetLocalTime
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
VirtualFree
HeapCreate
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetFileAttributesW
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType

user32

GetActiveWindow
GetKeyboardState
UnregisterClassA

advapi32

QueryServiceStatusEx
OpenSCManagerW
CloseServiceHandle
CreateServiceW
ChangeServiceConfig2W
StartServiceW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
StartServiceCtrlDispatcherW

ole32

StringFromCLSID
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromProgID

ws2_32

WSASocketW
closesocket
WSAStartup
WSARecv
WSACloseEvent
WSACleanup
WSAGetLastError
WSASetEvent
WSAGetOverlappedResult
WSAResetEvent
freeaddrinfo
WSASend
getaddrinfo
WSAConnect
WSAEnumNetworkEvents
WSASetLastError
WSACreateEvent
WSAEventSelect

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b86d74566ce8dbe2b24359cf8f6d994

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB