4968c9d3bb858974ec4fbd5fd25b0371_JaffaCakes118

General

Target

4968c9d3bb858974ec4fbd5fd25b0371_JaffaCakes118
Size

60KB
MD5

4968c9d3bb858974ec4fbd5fd25b0371
SHA1

51cede37e79df4193621011250217bcfa5547bbf
SHA256

0142b14db825cca9f0d66a62f6c6abc66d232f31566ce6b140e3d6b2cf58b8fa
SHA512

3a256a24e2423f52d7ecd389b2ac073a6867954150e2052f892842c248fcd8c63c4171171bdfdc28b872969cdf02e9992f26f19097f62c0f237a1173e2375ce3
SSDEEP

384:SxhONiT+TRGLWk/thFTnVuWU+Fox+J1tJOpYAMgFi9TYZfOQqHXebFu:ahONiqIZDRVuT/GSpYAfiJgeQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4968c9d3bb858974ec4fbd5fd25b0371_JaffaCakes118

Files

4968c9d3bb858974ec4fbd5fd25b0371_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2677d3e3eaf759cd694e215791e4148f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
toupper
_ftol
atoi
_snprintf
strstr
??2@YAPAXI@Z
strtok
__CxxFrameHandler
_vsnprintf
strncat
rand
strncpy
srand
ceil

kernel32

SetErrorMode
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetSystemDirectoryA
CopyFileA
SetFileAttributesA
CreateMutexA
ReleaseMutex
GetModuleFileNameA
GetShortPathNameA
MoveFileExA
lstrcpyA
lstrcatA
GetTempPathA
QueryPerformanceCounter
QueryPerformanceFrequency
GetStartupInfoA
GetEnvironmentVariableA
CreateProcessA
CreateThread
WinExec
lstrcmpA
GetVersionExA
GetTickCount
GetComputerNameA
Sleep
GetLocaleInfoA
GetLastError
lstrlenA
ExitProcess
CloseHandle
WaitForSingleObject

ws2_32

WSAStartup
send
getsockname
gethostbyname
inet_addr
closesocket
inet_ntoa
htons
WSACleanup
socket
connect
select
__WSAFDIsSet
WSASocketA
WSAIoctl
bind
ntohs
recv
setsockopt

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

advapi32

StartServiceCtrlDispatcherA
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
ChangeServiceConfig2A
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
GetUserNameA

Sections

packerBY
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2677d3e3eaf759cd694e215791e4148f

Headers

File Characteristics

Imports

msvcrt

kernel32

ws2_32

wininet

urlmon

shell32

advapi32

Sections

packerBY Size: 16KB - Virtual size: 16KB

bero^fr Size: 40KB - Virtual size: 40KB

packerBY
Size: 16KB - Virtual size: 16KB

bero^fr
Size: 40KB - Virtual size: 40KB