24c3aa3f807dc058e2fe7ecbc15a7ddd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

24c3aa3f807dc058e2fe7ecbc15a7ddd_JaffaCakes118
Size

32KB
MD5

24c3aa3f807dc058e2fe7ecbc15a7ddd
SHA1

b09eb485799440929c6af9557fc5ec22869a9ca3
SHA256

65e014584dbf73611e9be044f78cabba917a4a89de282c81f9c32cc4e734ff1f
SHA512

72d9ae0610082f0defd8a44de1b7482a9dda9c422236f8f3bb7cbfd90cff2426064129072562ef903c15553f248493fb4697a6ca165a7e639f2062a030e6ade9
SSDEEP

384:HsBF+Iac20H8tmw+SqTGVGmZkcyqiYzJiKpK08KmKuaKe2nKj1UfFh33Tx4r+iwu:MBF+IaN01qBzmY2eUfF5VCbe81O2b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24c3aa3f807dc058e2fe7ecbc15a7ddd_JaffaCakes118

Files

24c3aa3f807dc058e2fe7ecbc15a7ddd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96878e72f1fcab9169b8e757fafefc49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
lstrlenA
SetPriorityClass
CopyFileA
GetModuleHandleA
GetStartupInfoA
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
GetModuleFileNameA
SetFileAttributesA
GetCurrentProcess
GetSystemDirectoryA
WinExec
GetTickCount
CreateThread
ExitThread
Sleep
GetComputerNameA
lstrcpyA
LoadLibraryA
GetLastError
GetProcAddress

user32

ExitWindowsEx
wsprintfA
MessageBoxA

comdlg32

GetFileTitleA

advapi32

RegSetValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
StartServiceA
CreateServiceA
CloseServiceHandle

shell32

ShellExecuteA

mfc42

ord858
ord2915
ord2764
ord4129
ord6648
ord537
ord800
ord535
ord2818
ord540
ord6877
ord939
ord4278
ord860
ord6663
ord926
ord922
ord924

msvcrt

_controlfp
__CxxFrameHandler
atoi
rand
srand
time
printf
strstr
exit
free
malloc
_except_handler3
strncmp
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

ws2_32

gethostbyname
sendto
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
inet_ntoa
gethostname
socket
WSACleanup
htonl
send
connect
closesocket
recv
WSAGetLastError

Sections

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

upx
Size: 300B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96878e72f1fcab9169b8e757fafefc49

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

mfc42

msvcrt

msvcp60

ws2_32

Sections

.data Size: 31KB - Virtual size: 30KB

.rsrc Size: 512B - Virtual size: 160B

upx Size: 300B - Virtual size: 300B

.data
Size: 31KB - Virtual size: 30KB

.rsrc
Size: 512B - Virtual size: 160B

upx
Size: 300B - Virtual size: 300B