f2c34a56a33ee7a22e77a217f5c9e92b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f2c34a56a33ee7a22e77a217f5c9e92b_JaffaCakes118
Size

86KB
MD5

f2c34a56a33ee7a22e77a217f5c9e92b
SHA1

15ea8a34ec85888940dbd940193cf8add164add1
SHA256

b5001980be782d5d4b17d0dda13d94e9dab27c2dc6f3000ea8c6b0422d616337
SHA512

383c7db9437823e761cb7f1a5b03e9c9865a1e38d7386c855bf23b16600337641391c2466ae40bb7e946441a3d3cb8063ff4e260617c5e52fafa34205d43b286
SSDEEP

1536:DBry/ppUeNGs85da33WebF6PIFSWazu9PYA:DQYeq5Q3mg+CVazu9PJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2c34a56a33ee7a22e77a217f5c9e92b_JaffaCakes118

Files

f2c34a56a33ee7a22e77a217f5c9e92b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a00798a75b3adda843ef8d891c26934d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\temp\227.pdb

Imports

kernel32

GlobalSize
_lread
GetFileSize
OpenFile
GetLocaleInfoA
_lwrite
_lclose
GetVolumeInformationA
CreateProcessA
GetSystemDirectoryA
FindFirstFileA
FindClose
OpenMutexA
FindNextFileA
CreateMutexA
GetVersionExA
GetTempPathA
SystemTimeToFileTime
GetTimeZoneInformation
GetLocalTime
GetSystemTime
WaitForMultipleObjects
GetLogicalDrives
ReadFile
SetCurrentDirectoryA
GetCurrentDirectoryA
GetCommandLineW
SetUnhandledExceptionFilter
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetModuleHandleA
DeleteFileA
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetCurrentProcess
CreateFileA
CreateThread
ResumeThread
GetModuleFileNameA
lstrcatA
Sleep
GetCommandLineA
GetTickCount
ExitProcess

user32

wsprintfA

advapi32

CloseServiceHandle
StartServiceCtrlDispatcherA
RegCloseKey
RegOpenKeyA
DeleteService
RegSetValueExA
ControlService
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
RegisterServiceCtrlHandlerExA
ChangeServiceConfigA
StartServiceA
CreateServiceA
OpenServiceA

shell32

CommandLineToArgvW

shlwapi

StrSpnA
StrCSpnA
StrCmpNA

msvcrt

srand
__p__fmode
_controlfp
_except_handler3
__p__commode
rand
__dllonexit
_onexit
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__set_app_type

ws2_32

recv
WSACleanup
shutdown
WSAGetLastError
select
connect
gethostbyname
closesocket
inet_ntoa
gethostname
gethostbyaddr
WSAWaitForMultipleEvents
WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACloseEvent
send
ioctlsocket
recvfrom
inet_addr
htons
setsockopt
sendto
ntohl
socket
WSAStartup
getsockname

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

iphlpapi

GetAdaptersInfo

dnsapi

DnsRecordListFree
DnsQuery_A

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a00798a75b3adda843ef8d891c26934d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

shlwapi

msvcrt

ws2_32

wininet

iphlpapi

dnsapi

Sections

.text Size: 85KB - Virtual size: 85KB

.text
Size: 85KB - Virtual size: 85KB