D:\SYSCORE3\buildsyscore\release\mfefire.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 157e69af07051ffd92544e54d26ea948_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 157e69af07051ffd92544e54d26ea948_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 157e69af07051ffd92544e54d26ea948_JaffaCakes118
Size: 156KB
MD5: 157e69af07051ffd92544e54d26ea948
SHA1: 46c48b7c131ec438cc766b37c4fd01d0e6b70b5c
SHA256: ffd1aa9e92a22d5b7a0635ed7080561fd3013dde5a8f289d22342e91177c0503
SHA512: e3e091219826d9f5c02f4cbbf5307ca120b9d75cbaf027e20f69ad455786ae189266b7c9809cdc6ae77ed3c7e155a6319bcb95d90fd3ec736ddec081653dc317
SSDEEP: 3072:qqM8MXm6jdOOS8miXKqWag69BhbrswJhZkZEmZZfOEjsM4x+VDi8HvEO:qqM8MXm6j4OS7i9WsbnEc+1ig
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 157e69af07051ffd92544e54d26ea948_JaffaCakes118
Files
157e69af07051ffd92544e54d26ea948_JaffaCakes118.exe windows:6 windows x86 arch:x86
122d75c834bfc3d927409f7a84ed8a65
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
msvcrt
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_onexit
_lock
__dllonexit
_unlock
_wcsicmp
_controlfp
towupper
wcsncpy
memset
malloc
free
wprintf
_purecall
memcpy
wcsrchr
wcsncat
kernel32
GetFileTime
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
SetLastError
DebugBreak
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
GetCurrentProcess
GetProcessHeap
HeapFree
GetVersionExW
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
LoadLibraryExW
LocalFree
LocalAlloc
SetEvent
CloseHandle
WaitForMultipleObjects
CreateThread
CreateEventW
CancelWaitableTimer
WaitForSingleObject
SetWaitableTimer
CreateWaitableTimerW
GetWindowsDirectoryW
CreateDirectoryW
CreateFileW
WriteFile
GetFileSizeEx
GetLocalTime
SetFilePointer
Sleep
ResetEvent
MultiByteToWideChar
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
FindNextChangeNotification
FindFirstChangeNotificationW
GetSystemDirectoryW
DeviceIoControl
advapi32
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetSecurityDescriptorDacl
GetExplicitEntriesFromAclW
GetSidSubAuthority
IsValidSid
GetSidIdentifierAuthority
OpenProcessToken
SetNamedSecurityInfoW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
SetEntriesInAclW
AllocateAndInitializeSid
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegOpenKeyExW
RegSetValueExW
RegNotifyChangeKeyValue
RegDeleteValueW
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceEvent
RegQueryValueExW
RegCloseKey
ole32
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
ws2_32
socket
WSACreateEvent
WSAIoctl
WSAResetEvent
closesocket
WSAStartup
inet_addr
WSAStringToAddressA
WSAGetLastError
ntdll
_stricmp
Sections
.text Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bldvar Size: 512B - Virtual size: 38B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ