4ceba9a3feacf1778462fa90cee66de8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ceba9a3feacf1778462fa90cee66de8_JaffaCakes118
Size

3.7MB
MD5

4ceba9a3feacf1778462fa90cee66de8
SHA1

21f3bb085c8d1c1c61a235df960c163c37971ad3
SHA256

a4050b94cc889ffa466dc62695081070bf57851fefb06df39b09a4c3c9082094
SHA512

022f8417f5040918cb1947e7713c99f08e3732f8d284cf53155a33b8f723848660934326af9bbffadf18976d3dbe48fb0d320ae0fe481edb8b4322cd1837e50f
SSDEEP

49152:YJEveigc6G/3INxQ7tqTvzUYeufB7kh4KA0PoQyZXmib9f3jSVDiABGJqT5+GP:F+gCzUYeufB7kh4KA0gQyZTfCWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ceba9a3feacf1778462fa90cee66de8_JaffaCakes118

Files

4ceba9a3feacf1778462fa90cee66de8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69c08d7186e3f31b9af9905783673d06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsnicmp
memmove
towupper
realloc
wcsncat
_CxxThrowException
swscanf
isdigit
strtol
sprintf
strlen
strrchr
strncpy
strchr
__dllonexit
rand
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_wtoi
towlower
wcsstr
wcstok
_wcslwr
memcmp
iswdigit
_wtol
wcschr
wcsrchr
wcscat
time
localtime
fwprintf
fflush
vswprintf
_wcsicmp
wprintf
_iob
memcpy
??2@YAPAXI@Z
_EH_prolog
__CxxFrameHandler
memset
wcscpy
malloc
_wfopen
free
fclose
fgetws
wcslen
wcsncpy
srand
wcscmp
swprintf
abs
_onexit
??3@YAXPAX@Z

wsock32

WSACleanup
WSAStartup
gethostname
closesocket
send
select
recv
htons
getservbyname
ioctlsocket
gethostbyname
socket
setsockopt
connect
WSAGetLastError
inet_ntoa
getsockopt
ntohl
htonl

kernel32

GetVersionExW
CreateFileW
GetLastError
CloseHandle
GetStdHandle
ReadFile
WriteFile
Sleep
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
lstrcmpiW
GetProcAddress
LoadLibraryW
FreeLibrary
GetModuleHandleW
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableW
GetFileType
GetFileSize
FindClose
FindNextFileW
FindFirstFileW
GetCurrentProcessId
SetFilePointer

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69c08d7186e3f31b9af9905783673d06

Headers

File Characteristics

Imports

msvcrt

wsock32

kernel32

advapi32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 72KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 72KB

.rsrc
Size: 4KB - Virtual size: 1KB