31fc550c1f570f6a9bb29fcb49690164_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

31fc550c1f570f6a9bb29fcb49690164_JaffaCakes118
Size

24KB
MD5

31fc550c1f570f6a9bb29fcb49690164
SHA1

ea836ba32c4e9adeece467263a760496f9aa1d4f
SHA256

231b1559ab77ead9f48fba6416139fcff63c37d30ad5e22a2f15ce34a95d8469
SHA512

e9eafc47107d5ab62db3714bee4832e655fb48d9408250e94e4f7556f2bf7e51cef7f739bbe8752c444e67dc6dfcd392ddb5dcf4a4171fa2ef415c8fa0bdf489
SSDEEP

768:gdfizkgCGOI4rHDH+ExgxRZpIizM7/bM1iW9Qwh:gdfizWGd4rkxnzKM1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31fc550c1f570f6a9bb29fcb49690164_JaffaCakes118

Files

31fc550c1f570f6a9bb29fcb49690164_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92cf12da34ed23d78b3f383c90b26481

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrNCatA
StrToIntA
wvnsprintfA
wnsprintfA
StrStrA
StrRChrA
StrCmpNA
StrChrA
StrStrIA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState

ws2_32

inet_ntoa
htonl
ntohl
closesocket
select
connect
ioctlsocket
htons
socket
inet_addr
recv
send
gethostbyname
getsockname
WSACleanup
WSAStartup

mpr

WNetAddConnection2A

kernel32

lstrcpyA
WaitForSingleObject
MoveFileExA
GetShortPathNameA
GetWindowsDirectoryA
SetFilePointer
TerminateThread
CreateMutexA
SetUnhandledExceptionFilter
SetErrorMode
CopyFileA
DeleteFileA
GetVersionExA
GetModuleFileNameA
ExitProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
Module32First
OpenProcess
TerminateProcess
GetCurrentProcess
lstrcmpiA
ReadFile
WriteFile
GetSystemDirectoryA
lstrcmpA
lstrcpynA
lstrlenA
ExitThread
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
FormatMessageA
CloseHandle
CreateFileA
CreateProcessA
CreateEventA

user32

wsprintfA

advapi32

RegSetValueExA
LookupPrivilegeValueA
RegCreateKeyA
RegOpenKeyExA
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

92cf12da34ed23d78b3f383c90b26481

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wininet

ws2_32

mpr

kernel32

user32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 253KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 253KB