ea4bfa275e234e97f03cf0175d6ec440_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea4bfa275e234e97f03cf0175d6ec440_JaffaCakes118
Size

56KB
MD5

ea4bfa275e234e97f03cf0175d6ec440
SHA1

3a32f8b4abaf7ab6ee039b357b037c9fb06d9782
SHA256

96439c121af53c8bf009eb38917468a58cd74b83463e6753343f031d88eff7a3
SHA512

bbff0fcb3bcb9263e4cccc10c298c03fed75be331aa60b61379246e7f10be9b1cdb22281eed7060c2b8cfda0a2304919d1577440132823565f7c82c508ca9dfd
SSDEEP

768:fv+pTnzSQTNZgkXJld5lU4lEF9uvA4au7oFMnWgIVnUqYbNpcCtbPHrXbnNKsiSY:ynDj77HaukMnWgsU7T/NKsJ6kY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea4bfa275e234e97f03cf0175d6ec440_JaffaCakes118

Files

ea4bfa275e234e97f03cf0175d6ec440_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08ad209f513899919cbbab30422ce7ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA
URLDownloadToCacheFileA

ws2_32

gethostbyname
inet_ntoa
gethostname
WSAStartup

mfc42

ord922
ord4277
ord5683
ord4129
ord2764
ord5442
ord3318
ord800
ord858
ord924
ord926
ord3790
ord540
ord2107
ord3663
ord354
ord665
ord2448
ord2841
ord825
ord3811
ord2915
ord2044
ord6153
ord5186
ord535
ord1979
ord5834
ord6394
ord6383
ord5440
ord5450
ord356
ord2770
ord668
ord860
ord2818
ord941
ord939
ord3789
ord537
ord823

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_itoa
srand
_strupr
malloc
strstr
free
toupper
rand
_purecall
strncpy
strncat
__CxxFrameHandler
_initterm
_mbscmp
time

kernel32

LocalAlloc
GetWindowsDirectoryA
CopyFileA
DeleteFileA
GetSystemDirectoryA
LocalFree
GetModuleFileNameA
TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GetModuleHandleA
GetStartupInfoA
Sleep

advapi32

ControlService
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
StartServiceA
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCreateKeyA
RegCloseKey
CloseServiceHandle

shell32

ShellExecuteA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08ad209f513899919cbbab30422ce7ef

Headers

File Characteristics

Imports

urlmon

ws2_32

mfc42

msvcrt

kernel32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 2KB