339b69014f1ec07a32b0cd615fdb2fa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

339b69014f1ec07a32b0cd615fdb2fa2_JaffaCakes118
Size

23KB
MD5

339b69014f1ec07a32b0cd615fdb2fa2
SHA1

fa76115987f56021cdab69b47dd0ea8178832dc8
SHA256

45e999f80da3c756d3020817c77278cf112cff2d62081be428f9ef591527c43d
SHA512

2db6b955320f81e52fced9c1e8f2eda1881749ac93f25e3861bb53b0af8cf21ec36e1cf62aeeed5124c5c296e780cc6cefa18ad576d585df08837e9901e549d5
SSDEEP

384:wSjzoAjDvj9GL6JtHTNUhrwD+bXkhaq3UCNcu+c:wazoOv9yNkNQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
339b69014f1ec07a32b0cd615fdb2fa2_JaffaCakes118

Files

339b69014f1ec07a32b0cd615fdb2fa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

473a464ebe3c02c1f61caeca7c5f519d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord540
ord2846
ord2818
ord537
ord2764
ord6648
ord4129
ord800
ord2915
ord825

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_controlfp
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strchr
strtok
exit
time
srand
rand
printf
__CxxFrameHandler
sprintf
strstr
_stricmp
_except_handler3
strncmp
atoi

kernel32

GetProcessHeap
TerminateThread
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
ExitThread
GetStartupInfoA
SetFileAttributesA
GetLastError
lstrlenA
GlobalMemoryStatus
GetSystemDirectoryA
GetTempPathA
GetModuleFileNameA
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeLibrary
SetLastError
CloseHandle
GetCurrentProcess
GetWindowsDirectoryA
GetModuleHandleA
CreateThread
CopyFileA
GetVersionExA
HeapAlloc
Sleep
GetCurrentProcessId
GetTickCount
GetShortPathNameA

user32

wsprintfA

advapi32

SetServiceStatus
StartServiceA
CloseServiceHandle
OpenServiceA
CreateServiceA
OpenSCManagerA
RegOpenKeyA
RegSetValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DeleteService

ws2_32

sendto
htons
setsockopt
WSASocketA
htonl
connect
socket
WSAStartup
inet_ntoa
closesocket
WSAGetLastError
recv
__WSAFDIsSet
select
gethostname
send
inet_addr
gethostbyname
WSACleanup

urlmon

URLDownloadToFileA

mpr

WNetCancelConnection2A
WNetAddConnection2A
WNetGetUserA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

473a464ebe3c02c1f61caeca7c5f519d

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

ws2_32

urlmon

mpr

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 2KB - Virtual size: 242KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 242KB