157f75fdc970896c01c075480b46b033_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

157f75fdc970896c01c075480b46b033_JaffaCakes118
Size

16KB
MD5

157f75fdc970896c01c075480b46b033
SHA1

6c99a6bf2af3cf4344b073e0e41202c8bd7240b6
SHA256

66221f3259ae2f70b929231a8bf64d6cf1667c08875896cd36c281a5738594bd
SHA512

8cce6e5c43c302f4868139068ba74256fc11e642c5b8ab8fcfce94221c44278037e2a677606ea80e54a8698628fbff86bd850c954c46a00c3d721ea17b0109b1
SSDEEP

384:OcAyKxZXCyJxYSA6olrrQ494xYZ79feYpppq9n:O0KxZ0rrL91iYLpa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157f75fdc970896c01c075480b46b033_JaffaCakes118

Files

157f75fdc970896c01c075480b46b033_JaffaCakes118
.dll windows:4 windows x86 arch:x86

493a126379a2324956a6c7c2ea2b3bcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_strnicmp
_adjust_fdiv
_initterm
_onexit
__dllonexit
sscanf
strlen
strcpy
strncat
??2@YAPAXI@Z
strcat
??3@YAXPAX@Z
memmove
memcpy
strcmp
sprintf
strchr
strpbrk
malloc
strncpy
atoi
fopen
strstr
free
time
memset
_EH_prolog
__CxxFrameHandler
_strdup
_stricmp

ws2_32

WSAStartup
listen
WSACleanup
setsockopt
recv
bind
connect
send
shutdown
closesocket
gethostbyname
inet_ntoa
htons
inet_addr
socket

kernel32

CreateThread
GetModuleFileNameA
CloseHandle
DeleteFileA
FreeLibrary
GetVolumeInformationA
Sleep
LoadLibraryA
GetProcAddress
CreateFileA
DeviceIoControl
GetVersionExA
GetLastError
ReadFile
SetFilePointer
WaitForSingleObject
GetCommandLineA
GetCurrentThreadId
GetSystemDirectoryA

user32

PeekMessageA
TranslateMessage
DispatchMessageA

advapi32

DeleteService
CloseServiceHandle
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
CreateServiceA
StartServiceA
OpenSCManagerA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

Exports

Exports

ServiceMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

493a126379a2324956a6c7c2ea2b3bcb

Headers

File Characteristics

Imports

msvcrt

ws2_32

kernel32

user32

advapi32

msvcp60

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 992B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 992B