07364cb643e9e29267ffe5d6321867fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07364cb643e9e29267ffe5d6321867fb_JaffaCakes118
Size

592KB
MD5

07364cb643e9e29267ffe5d6321867fb
SHA1

7b992b61e8af479301bbda2120ac9bc7148a2874
SHA256

3341bc9196f770ae6c7bf5547edc5cb0765b544e6504675bf59b94bf81bd793c
SHA512

6f4913430599f27c28db11baf8ac10e88f235f46b713754654bf41f3d629e6f967c48d4767f9fb702cb54f04ef77d724367e701383c4ca043dd5869dca67e348
SSDEEP

12288:OmNN0lfgDhtj3OI8F/epcaSP5uYR+oEKMmuxdacVzIuPlYLkDZl+Exx/+htGEO4G:DxdacVzzPlYLGzYEEz4b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07364cb643e9e29267ffe5d6321867fb_JaffaCakes118

Files

07364cb643e9e29267ffe5d6321867fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5a7e87805c7f37ddbcca4d673e87869

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Projects\MPF_Cupid\Service\NWService___Win32_Mpf_Release\MpfService.pdb

Imports

ws2_32

WSAIoctl
closesocket
inet_addr
inet_ntoa
WSAStartup
ntohs
WSASocketA

wininet

InternetGetConnectedState

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

LockFile
GetLocaleInfoW
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetSystemInfo
VirtualProtect
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
lstrlenA
SetUnhandledExceptionFilter
FormatMessageA
GetModuleHandleA
GetModuleFileNameA
VirtualQuery
WriteFile
GetVersion
CompareStringA
CompareStringW
lstrcmpiA
lstrcmpiW
IsBadWritePtr
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
CloseHandle
SetFilePointer
CreateFileA
SetErrorMode
FindClose
FindFirstFileA
FreeLibrary
GetShortPathNameA
GetProcAddress
LoadLibraryA
SetLastError
GetFileAttributesA
GetDriveTypeA
GetCurrentDirectoryA
LocalFree
GetLastError
CreateProcessA
SetEvent
SetCurrentDirectoryA
CreateEventA
ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
ResetEvent
Sleep
CreateDirectoryA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetSystemDirectoryA
EnterCriticalSection
LocalAlloc
DeleteFileA
CopyFileA
ReadFile
GlobalFree
GlobalAlloc
SetConsoleCtrlHandler
GetFileSize
FindResourceA
WaitForMultipleObjects
lstrcmpA
DeviceIoControl
MapViewOfFile
CreateFileMappingA
PulseEvent
CreateMutexA
OpenMutexA
OpenEventA
ResumeThread
SuspendThread
FreeConsole
RaiseException
GetTempPathA
FlushFileBuffers
SetEndOfFile
UnlockFile
SetEnvironmentVariableA
GetSystemTime
InterlockedIncrement
GetFullPathNameA
GetStdHandle
UnhandledExceptionFilter
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetCurrentProcess
TerminateProcess
GetTimeZoneInformation
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
TlsAlloc
GetCurrentThread
TlsFree
GetCPInfo
GetOEMCP
VirtualAlloc
VirtualFree
HeapCreate
FatalAppExitA
GetCommandLineA
CreateThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
ExitThread
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap

user32

wsprintfA
CharLowerA
CharUpperA
MessageBoxA
wvsprintfA
CharLowerW
CharUpperW
DestroyIcon
SetRect
PostMessageA
CreateDialogParamA
DialogBoxParamA
LoadAcceleratorsA
LoadMenuA
LoadIconA
LoadImageA
LoadBitmapA
LoadStringA
SetWindowTextA
RegisterClassA
CreateWindowExA
DefWindowProcA
DestroyWindow
LoadCursorA
SetCursor

ole32

CoGetClassObject
CoInitialize
CoUninitialize
GetRunningObjectTable
CreateClassMoniker
StringFromCLSID
CoTaskMemFree

oleaut32

SysAllocStringLen

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5a7e87805c7f37ddbcca4d673e87869

Headers

File Characteristics

PDB Paths

Imports

ws2_32

wininet

version

kernel32

user32

ole32

oleaut32

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 16KB - Virtual size: 69KB

.rsrc Size: 172KB - Virtual size: 169KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 16KB - Virtual size: 69KB

.rsrc
Size: 172KB - Virtual size: 169KB