JaffaCakes118_1a3dc31e3230c2da5d6d4fafaebf9036

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_1a3dc31e3230c2da5d6d4fafaebf9036
Size

274KB
MD5

1a3dc31e3230c2da5d6d4fafaebf9036
SHA1

d3b23a64e7988e8d6d58a81f05bf2e0c317aaf25
SHA256

737ebfde38437376a3281fac4012e9d8c3c23a0e3fe72bee4585b440e15e2683
SHA512

e550f7eab827d2a151d7456a45a195ca25f549df95e8e085f3a76a373f55ec813f4c43d43f796e8a1bf1dffbdc62727e9ed5cf0c95bf66c01b9870834b5e1ab6
SSDEEP

6144:/mwed2qXnxBpk/cwpjPr67peWHEGt+CNN1H5eXmR:/mwedTntk/cwpjuYWH5ECN/HUXq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1a3dc31e3230c2da5d6d4fafaebf9036

Files

JaffaCakes118_1a3dc31e3230c2da5d6d4fafaebf9036
.exe windows:4 windows x86 arch:x86

8f0bbabc37d1eac880aa203344dbf296

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAGetLastError
WSACreateEvent
WSACloseEvent
socket
closesocket
gethostbyname
ntohs
send
recv
shutdown
connect
WSAEnumNetworkEvents
WSAAccept
htonl
htons
bind
listen
WSAEventSelect
inet_addr
gethostname
WSAStartup

urlmon

FindMimeFromData

kernel32

WaitForMultipleObjects
lstrlenW
lstrcpynW
CreateDirectoryW
WaitForSingleObject
LocalFree
CreateEventW
lstrcpyW
OpenEventW
CreateMutexW
GetModuleHandleW
GetTempPathW
GetTimeFormatW
GetDateFormatW
GetLocalTime
FreeLibrary
TlsAlloc
GetProcessHeap
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
LoadLibraryW
GetProcAddress

advapi32

ConvertStringSidToSidW
CreateProcessAsUserW
RegisterServiceCtrlHandlerW
SetServiceStatus
StartServiceCtrlDispatcherW
ControlService
DeleteService
CreateServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegConnectRegistryW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
StartServiceW
QueryServiceStatus
LookupPrivilegeValueW
AdjustTokenPrivileges
GetSecurityInfo
GetSecurityDescriptorDacl
GetUserNameW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetSecurityInfo
DuplicateTokenEx
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
GetTokenInformation
LookupAccountSidW
SetTokenInformation

ole32

CoCreateInstance
CoInitialize
CoUninitialize

user32

wsprintfW

quartz

AMGetErrorTextW
DllCanUnloadNow

browseui

DllGetVersion

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.l
Size: 1024B - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Mz
Size: 5KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dCisa
Size: 1KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.chhYG
Size: 4KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vR
Size: 4KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.u
Size: 98KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jBANt
Size: 1KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.w
Size: 4KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 122KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iHQMi
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f0bbabc37d1eac880aa203344dbf296

Headers

File Characteristics

Imports

ws2_32

urlmon

kernel32

advapi32

ole32

user32

quartz

browseui

Sections

.text Size: 17KB - Virtual size: 16KB

.l Size: 1024B - Virtual size: 200KB

.Mz Size: 5KB - Virtual size: 574KB

.dCisa Size: 1KB - Virtual size: 193KB

.rdata Size: 2KB - Virtual size: 8KB

.chhYG Size: 4KB - Virtual size: 81KB

.vR Size: 4KB - Virtual size: 321KB

.u Size: 98KB - Virtual size: 175KB

.jBANt Size: 1KB - Virtual size: 131KB

.w Size: 4KB - Virtual size: 453KB

.data Size: 6KB - Virtual size: 275KB

.M Size: 122KB - Virtual size: 174KB

.iHQMi Size: 2KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 16KB

.l
Size: 1024B - Virtual size: 200KB

.Mz
Size: 5KB - Virtual size: 574KB

.dCisa
Size: 1KB - Virtual size: 193KB

.rdata
Size: 2KB - Virtual size: 8KB

.chhYG
Size: 4KB - Virtual size: 81KB

.vR
Size: 4KB - Virtual size: 321KB

.u
Size: 98KB - Virtual size: 175KB

.jBANt
Size: 1KB - Virtual size: 131KB

.w
Size: 4KB - Virtual size: 453KB

.data
Size: 6KB - Virtual size: 275KB

.M
Size: 122KB - Virtual size: 174KB

.iHQMi
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB