f842c86d5260438c465e14d7746d9b39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f842c86d5260438c465e14d7746d9b39_JaffaCakes118
Size

49KB
MD5

f842c86d5260438c465e14d7746d9b39
SHA1

cc77c641c321f3721136ba7aa05dfb57dc75a69d
SHA256

205bb1883741327c979375acd6bbab6c7e73009a413b3d1cbafe526196eacdb1
SHA512

131780b5442eec11af5472c5b22a27f160813976b55724bebee4773a97c1daf5167fa4e7b539001543ec3ec5a4010e6ebee33d2fcbcc0dcdec82119e22c849d4
SSDEEP

768:6ionvHGHEGJcyTz6Li8/mLaaMchlxM9/NZ6HmOeA3wGSNSS3q:8Mxf2reLa4e/X6H7eOwGe9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comvc71453453766/timeGetter.exe

Files

f842c86d5260438c465e14d7746d9b39_JaffaCakes118
.rar
cvery.comvc71453453766/timeGetter.exe
.exe windows:4 windows x86 arch:x86

eef5ac22f30bac43c0423c6e667e3a61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Project\MyProjects\C++Programing\timeGetter\Release\timeGetter.pdb

Imports

kernel32

SetSystemTime
FileTimeToSystemTime
ReadFile
SetStdHandle
GetLocaleInfoW
GetOEMCP
GetACP
WideCharToMultiByte
HeapFree
ExitProcess
RtlUnwind
RaiseException
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersionExA
LCMapStringA
MultiByteToWideChar
GetLastError
LCMapStringW
GetCPInfo
HeapAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
HeapSize
FlushFileBuffers
SetFilePointer
CloseHandle
LoadLibraryA
InterlockedExchange
IsBadReadPtr
IsBadCodePtr

ws2_32

WSAStartup
WSACleanup
socket
htons
connect
recv
ntohl
closesocket
inet_ntoa

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.comvc71453453766/timeGetter.sln
cvery.comvc71453453766/timeGetter.vcproj
.xml
cvery.comvc71453453766/tmGetter.cpp
cvery.comvc71453453766/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

eef5ac22f30bac43c0423c6e667e3a61

Headers

File Characteristics

PDB Paths

Imports

kernel32

ws2_32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 10KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 10KB