36faea3768f888c9f55e7a5f90d6a849_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36faea3768f888c9f55e7a5f90d6a849_JaffaCakes118
Size

19KB
MD5

36faea3768f888c9f55e7a5f90d6a849
SHA1

ef955317cb74bf0e6422347dc52b311eb4808288
SHA256

c40fdb91a7c0eb951af760b27aa563768c25adf1ef94e9bc819c7840377d1a82
SHA512

7aa51a0589736c3f8d2ad7fd173e9bf6bbc80653b8dde6bfa23c7a47914c99bd5a7da2fcdad9f514f1f731e74d1d9b32f53d0aae77229858edd464b370675d0d
SSDEEP

384:yYhoaerepnfx7CRU6UJ6zoUZ7gtEkshm+:yYeX0dP6jsU9gSksj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36faea3768f888c9f55e7a5f90d6a849_JaffaCakes118

Files

36faea3768f888c9f55e7a5f90d6a849_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce3e7d7028d1267fc032705f60922ef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71

ord2468
ord2322
ord2348
ord310
ord304
ord2272
ord1916
ord3997
ord876
ord578
ord2902

msvcr71

_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
memset
free
_except_handler3
_amsg_exit
strncmp
atoi
strstr
strchr
strtok
exit
time
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_controlfp
srand
rand
printf
__set_app_type
__security_error_handler
__dllonexit
_onexit
__CxxFrameHandler

kernel32

CreateThread
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
GetStartupInfoA
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSection
CopyFileA
SetFileAttributesA
GetLastError
lstrlenA
GlobalMemoryStatus
GetSystemDirectoryA
GetTempPathA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
ExitThread
Sleep
GetVersionExA
GetCurrentProcessId
GetTickCount
HeapAlloc
GetProcessHeap
CloseHandle
TerminateThread
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass

user32

wsprintfA

comdlg32

GetFileTitleA

advapi32

RegSetValueExA
OpenServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
CreateServiceA
StartServiceA
RegOpenKeyA
DeleteService
CloseServiceHandle
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA

ws2_32

setsockopt
WSASocketA
WSAStartup
gethostname
htons
connect
socket
inet_addr
inet_ntoa
closesocket
WSAGetLastError
recv
__WSAFDIsSet
select
gethostbyname
sendto
htonl
send

urlmon

URLDownloadToFileA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce3e7d7028d1267fc032705f60922ef3

Headers

File Characteristics

Imports

mfc71

msvcr71

kernel32

user32

comdlg32

advapi32

ws2_32

urlmon

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 241KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 241KB