fbdd12cced235a77bb0dcf021ca23bdb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbdd12cced235a77bb0dcf021ca23bdb_JaffaCakes118
Size

36KB
MD5

fbdd12cced235a77bb0dcf021ca23bdb
SHA1

1c6db746cdfd84e6f8914340919f1562cdfaa722
SHA256

a4f102e26b8196b43f126f85e375209a2ddb8f888eb847366dd6e31e624b28f3
SHA512

652caa37b901316ebd6cb03a49ae5c4c7fc355b711b08d05ee2741d2869f1360209efdc9c7bfda89d19d35f71017f8e09417f8e4655203b442b7cf10b745b6cf
SSDEEP

768:MCdINECHvMrFrRNE1S+xNhdDS4X5k8TNcw//vZN:RdIDipGnxNnm2k6NcsZN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbdd12cced235a77bb0dcf021ca23bdb_JaffaCakes118

Files

fbdd12cced235a77bb0dcf021ca23bdb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a92aa6695f4ef38bec56ba8d99108a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
CopyFileA
SetThreadPriority
GetCurrentProcess
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
GlobalMemoryStatusEx
ExitProcess
GetLastError
CreateMutexA
GetModuleHandleA
GetStartupInfoA
WinExec
GetSystemTimes
WaitForSingleObject
CloseHandle
TerminateThread
lstrlenA
lstrcatA
LoadLibraryA
GetProcAddress
Sleep
ExitThread
GetModuleFileNameA
GetTickCount

user32

MessageBoxA
wsprintfA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
CloseServiceHandle
RegOpenKeyExA
RegSetValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA

shell32

ShellExecuteExA
SHChangeNotify

ws2_32

gethostbyname
WSAGetLastError
select
__WSAFDIsSet
recv
shutdown
WSAIoctl
WSASocketA
htonl
gethostname
setsockopt
inet_ntoa
WSACleanup
htons
socket
connect
send
closesocket
inet_addr

winmm

timeGetTime

iphlpapi

GetIfTable

msvcrt

_except_handler3
_iob
fprintf
sprintf
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strncmp
strrchr
free
_ftol
_CxxThrowException
__CxxFrameHandler
malloc
realloc
rand
srand
time
printf
??2@YAPAXI@Z
strstr
_local_unwind2

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a92aa6695f4ef38bec56ba8d99108a9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

winmm

iphlpapi

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 515KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 515KB

.rsrc
Size: 8KB - Virtual size: 6KB