4b7148a0b9b92dd00941022aa0906017_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b7148a0b9b92dd00941022aa0906017_JaffaCakes118
Size

9KB
MD5

4b7148a0b9b92dd00941022aa0906017
SHA1

a38957b6c2e6ae7240eb1004e0390056220a0104
SHA256

3fcd630d39625f0f162b9c41f3a3a97fbe4a0066536a3d02beb941cf820e5003
SHA512

5dc41866bd45203583ffa39f579b1f715649f5812908b2dbd6d1d57c64b395c6a370a13bd5b7aafe9f2a0f55db2e126d25dfcf848445db737628dcf73d6d3274
SSDEEP

192:0CBwv+I1WgNxZ4pGnNuetFk1Kvjf7wsTkdocJH3D7MQDoFH3D+0T:UGI11TZ4qtFk1Kvjf8sQJH3PqH3qe

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SimpleNtpClient-HTTP/SimpleNtpClient-HTTP-LogHide.exe
unpack001/SimpleNtpClient-HTTP/SimpleNtpClient-HTTP.exe

Files

4b7148a0b9b92dd00941022aa0906017_JaffaCakes118
.zip
SimpleNtpClient-HTTP/NTP-HTTP.js
.js
SimpleNtpClient-HTTP/ReadMe.txt
SimpleNtpClient-HTTP/SimpleNtpClient-HTTP-LogHide.exe
.exe windows:5 windows x86 arch:x86

d834bcd9eed98a73bef3a84ff79788ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
ExitProcess
SetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
RtlZeroMemory
GetCommandLineA
SetThreadAffinityMask
GetCurrentThread

user32

wsprintfA
CharNextA

ws2_32

WSACleanup
closesocket
recv
select
shutdown
send
freeaddrinfo
connect
socket
getaddrinfo
WSAStartup

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SimpleNtpClient-HTTP/SimpleNtpClient-HTTP-LogHide.exe.manifest
.xml
SimpleNtpClient-HTTP/SimpleNtpClient-HTTP.exe
.exe windows:5 windows x86 arch:x86

750d4bcf186fa949fb29a7e845f4d24b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
ExitProcess
SetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
RtlZeroMemory
GetCommandLineA
SetThreadAffinityMask
GetCurrentThread

user32

PostQuitMessage
EnableWindow
PeekMessageA
KillTimer
MessageBoxA
SetTimer
wsprintfA
CharNextA

ws2_32

WSACleanup
closesocket
recv
select
shutdown
send
freeaddrinfo
connect
socket
getaddrinfo
WSAStartup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SimpleNtpClient-HTTP/SimpleNtpClient-HTTP.exe.manifest
.xml

Sharing

General

Malware Config

Signatures

Files

d834bcd9eed98a73bef3a84ff79788ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 2KB - Virtual size: 2KB

750d4bcf186fa949fb29a7e845f4d24b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 2KB