2a90fda8bbfcc9ceb9233811a44329a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a90fda8bbfcc9ceb9233811a44329a0_JaffaCakes118
Size

15KB
MD5

2a90fda8bbfcc9ceb9233811a44329a0
SHA1

4af53fbc93516ced64b3a1c51a8c1fbb5fe0d714
SHA256

fcbdbd544cf0db19675aa526d6c7a37fb6a5f1f87e06cbfcfabf4cab1beb9ba7
SHA512

82bb251f9718ffb488dfcb9d27e08c518fe24363e1d94d20ae0efaf17248670f6b944cd713bd6f4b7a33c75fdbaa877064660bbd892eae9b14250517cbbdc685
SSDEEP

384:Wm4baoJs+xoq6BIy+FrGDNtSyqyHn8Sg:tuf6yyzNbH8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a90fda8bbfcc9ceb9233811a44329a0_JaffaCakes118

Files

2a90fda8bbfcc9ceb9233811a44329a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

175bed23eb65da65669e8bbe325b861e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord540
ord2846
ord2818
ord537
ord2915
ord2764
ord6648
ord4129
ord800

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
printf
rand
srand
time
_XcptFilter
_exit
_except_handler3
__CxxFrameHandler
strncmp
atoi
strstr
strchr
sprintf
exit

kernel32

Sleep
ExitThread
GetCurrentProcessId
lstrcatA
lstrcpyA
GetTickCount
HeapAlloc
GetProcessHeap
CreateThread
CreateProcessA
GetSystemDirectoryA
GlobalMemoryStatus
GetVersionExA
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetCurrentProcess
GetStartupInfoA
GetModuleHandleA
CopyFileA
GetLastError
lstrlenA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass

user32

wsprintfA

comdlg32

GetFileTitleA

advapi32

OpenServiceA
OpenSCManagerA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegCloseKey
CloseServiceHandle
RegSetValueExA
RegOpenKeyA
StartServiceA
CreateServiceA
DeleteService

ws2_32

select
htonl
sendto
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
gethostbyname
gethostname
__WSAFDIsSet
recv
send
connect
socket
inet_ntoa
closesocket
WSAGetLastError

urlmon

URLDownloadToFileA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kav123
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

175bed23eb65da65669e8bbe325b861e

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

comdlg32

advapi32

ws2_32

urlmon

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 243KB

kav123 Size: 512B - Virtual size: 512B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 243KB

kav123
Size: 512B - Virtual size: 512B