323b764d151880d937824c2fbb420155_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

323b764d151880d937824c2fbb420155_JaffaCakes118
Size

63KB
MD5

323b764d151880d937824c2fbb420155
SHA1

48058d5b82abdc00d5662b0434414213b4e1766a
SHA256

6a445d3add8ce6a6563b6adc3224525f376c19ee49eede75ea619c9fdf31523d
SHA512

fae2bb9327f53d418119083611547bced9068c9f78f17580f9c6bff38443b9f1cdf9fa52a1a40cafd6952614b931d554de0793e7c77b1bc7020949d65914c17e
SSDEEP

1536:zy98KcScKSXmoVHep23j+8lS4p39zNZGvPcZGvUZGv:z2fpIj+8BxJNQPcQUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
323b764d151880d937824c2fbb420155_JaffaCakes118

Files

323b764d151880d937824c2fbb420155_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87d6e244f246742411fa2cf4030f1be4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCancelConnectionA
WNetAddConnection2A

rpcrt4

UuidToStringA
UuidFromStringA

advapi32

GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

CharLowerA
MessageBoxA

oleaut32

SysAllocString
SysFreeString
VariantClear

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ws2_32

ioctlsocket
connect
send
htons
inet_addr
closesocket
socket
WSAStartup

msvcr71

_except_handler3
wcslen
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
exit
_vsnprintf
strlen
srand
_snprintf
atoi
strncpy
memset
memcpy
strcat
strcpy
rand
malloc
sprintf
realloc
free
_CxxThrowException
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
memmove
??3@YAXPAX@Z
strstr
memcmp
strtok
??_V@YAXPAX@Z
strchr
_stricmp
strcmp

kernel32

GlobalFree
GetModuleHandleA
GetComputerNameA
GlobalAlloc
GetStartupInfoA
LocalFree
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsA
CreateMutexA
ReleaseMutex
GetFileAttributesA
GetLogicalDriveStringsA
lstrcatA
CreateDirectoryA
TerminateThread
GetProcAddress
LoadLibraryA
GetVersionExA
GetLocaleInfoA
GetEnvironmentVariableA
GetDriveTypeA
SetCurrentDirectoryA
GetFullPathNameA
GetFileSize
SetFilePointer
CreateFileMappingA
MapViewOfFile
lstrlenA
UnmapViewOfFile
TransactNamedPipe
FindFirstFileA
SetFileAttributesA
CopyFileA
FindNextFileA
FindClose
CreateFileA
GetTickCount
WriteFile
CreateProcessA
WaitForSingleObject
ExitThread
lstrcmpiA
Sleep
ExitProcess
CreateThread
GetLastError
GetTempPathA
OpenProcess
TerminateProcess
CloseHandle
InterlockedDecrement
GetModuleFileNameA

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87d6e244f246742411fa2cf4030f1be4

Headers

File Characteristics

Imports

mpr

rpcrt4

advapi32

user32

oleaut32

msvcp71

ws2_32

msvcr71

kernel32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 277KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 277KB

.rsrc
Size: 21KB - Virtual size: 21KB