2ac84856326ed4929747e423ff9ecfe0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ac84856326ed4929747e423ff9ecfe0_JaffaCakes118
Size

48KB
MD5

2ac84856326ed4929747e423ff9ecfe0
SHA1

61fffc5043fd9ad8dded89743fa1689eb035ee4d
SHA256

c4a968f63d817b29961051b5e76d45855974e940b6a40578938cfbb9fd591630
SHA512

ad6c0f09639afce55f3c17faeff51ff31c4719e0647c48ecde22a454e1285f43403d920e832559219c6e664a1038f5cb620d0c1a4d9f42b1b2b50048e486ef02
SSDEEP

768:FT+LagG81z2Ze6XTm/02Y8D+SzZYhXQoNBaStiDRPcqXHgZxK8Uw7hsbI:FTAYKz2ZpV8XZYRQoNociDRksykf7c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac84856326ed4929747e423ff9ecfe0_JaffaCakes118

Files

2ac84856326ed4929747e423ff9ecfe0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8f73a5058c15460909a46751b5b4dc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError
inet_addr
htons
socket
connect
WSAAsyncSelect
WSAStartup
WSACleanup
closesocket
recv
send

shell32

ShellExecuteA
SHGetFileInfoA

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
LocalAlloc
InitializeCriticalSection
CreateProcessA
GetStartupInfoA
CreatePipe
LeaveCriticalSection
ReadFile
EnterCriticalSection
WriteFile
TerminateProcess
OpenProcess
DeleteCriticalSection
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetTempPathA
ResumeThread
CreateThread
Sleep
GlobalMemoryStatus
GetVersionExA
GetLogicalDrives
GetDriveTypeA
DeleteFileA
SetFileAttributesA
FindClose
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetModuleHandleA
CreateDirectoryA
RemoveDirectoryA

user32

SetClipboardData
CloseClipboard
GetDC
ReleaseDC
GetWindowDC
MessageBoxA
PostQuitMessage
DefWindowProcA
EmptyClipboard
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
LoadIconA

gdi32

GetObjectA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
CreateDCA
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
CreatePalette

advapi32

QueryServiceConfigA
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
ControlService
StartServiceA
ChangeServiceConfigA
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
RegCloseKey

avicap32

capGetDriverDescriptionA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

strcat
printf
malloc
_mbscmp
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
sprintf
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memcpy
_ftol
strlen
strcpy
__CxxFrameHandler
??2@YAPAXI@Z
_acmdln
_itoa
memset

mfc42

ord3663
ord3626
ord3692
ord1641
ord535
ord858
ord540
ord537
ord668
ord4171
ord3178
ord2781
ord2770
ord356
ord1979
ord3176
ord1980
ord2915
ord4058
ord6648
ord2764
ord6385
ord860
ord941
ord640
ord2859
ord323
ord2452
ord1158
ord3571
ord1640
ord5785
ord5856
ord354
ord5186
ord665
ord3318
ord5442
ord2393
ord2414
ord800

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8f73a5058c15460909a46751b5b4dc6

Headers

File Characteristics

Imports

ws2_32

shell32

kernel32

user32

gdi32

advapi32

avicap32

msvcp60

msvcrt

mfc42

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB