f0efc2be20d4550a820cb34e508e6eff_JaffaCakes118

General

Target

f0efc2be20d4550a820cb34e508e6eff_JaffaCakes118
Size

44KB
MD5

f0efc2be20d4550a820cb34e508e6eff
SHA1

89553408262658eef2c03775084cffe44832105b
SHA256

887921848aeaf6005072ebb6435068bc0361f299ae6be41e45b3114a8e56e1d2
SHA512

666189e2779fe65da10a574f3048b4b1a23a577c97650b45c5f2bc81c817d0c985a6c6c5ad001736bef1e1def42c316699fa453c043d71919d61c93972d74e0d
SSDEEP

768:wAZoyVrPk+xciilSz+dFtE0l4qBDXkjZZKJlbmKWGoPzSWsRHX:PZo8Wbi0l48Di+LAG22WsB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0efc2be20d4550a820cb34e508e6eff_JaffaCakes118

Files

f0efc2be20d4550a820cb34e508e6eff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5f27ce9983c92e273fc297ad0a4d282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
GlobalMemoryStatus
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
SetErrorMode
GetSystemDirectoryA
lstrlenA
lstrcatA
CopyFileA
GetTempPathA
WriteFile
GetFileAttributesA
SetFileAttributesA
ExpandEnvironmentStringsA
CreateEventA
WaitForSingleObject
Sleep
GetTickCount
ExitProcess
ExitThread
LeaveCriticalSection
TerminateThread
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleFileNameA
CloseHandle
CreateFileA
WinExec
GetLastError
CreateMutexA
CreateThread

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ChangeServiceConfig2A
CreateServiceA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

msvcrt

strcat
srand
fwrite
_strnicmp
strchr
sscanf
strcmp
strtoul
fseek
ceil
fread
fclose
??3@YAXPAX@Z
rand
sprintf
memcpy
memset
strncat
strcpy
fopen
vsprintf
strlen
malloc
realloc
_ftol
_except_handler3
strtok
_strcmpi
atoi
strncpy
strstr
_snprintf
free

odbc32

user32

TranslateMessage
DispatchMessageA
GetMessageA

wininet

InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetGetConnectedState
InternetCloseHandle
InternetReadFile

ws2_32

WSASocketA

Sections

code
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5f27ce9983c92e273fc297ad0a4d282

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

odbc32

user32

wininet

ws2_32

Sections

code Size: 40KB - Virtual size: 40KB

.avc Size: 2KB - Virtual size: 4KB

code
Size: 40KB - Virtual size: 40KB

.avc
Size: 2KB - Virtual size: 4KB