61ae345af555f0d16ded674b9623b82d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61ae345af555f0d16ded674b9623b82d_JaffaCakes118
Size

44KB
MD5

61ae345af555f0d16ded674b9623b82d
SHA1

771240f305fc8a31a43e33cf396790c02e23f653
SHA256

4fb687847fb25bc0e8dc2ee2d6881c55875b4518262b49a9c595b20ef3f6dbc2
SHA512

6ec6d410b123e310da235f286b96edac5569a499e8a18f2aa2b9b34f2d4afbf04f0b6d9d430e28ba28c399daf82e4352f7e7fe4307263eff787e2871e0a1b7bc
SSDEEP

768:ryEX68RTsltJYDO2kh/wRRT1j7icuC62GzTS:rXFsSy2khkBg3S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61ae345af555f0d16ded674b9623b82d_JaffaCakes118

Files

61ae345af555f0d16ded674b9623b82d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efd3f3802ee29aa1d1cfa1fcb877754a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetModuleFileNameA
SetFileTime
GetFileTime
SetLastError
WaitForSingleObject
CreateThread
OutputDebugStringA
GetSystemDirectoryA
ExpandEnvironmentStringsA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemTime
GetStartupInfoA
MultiByteToWideChar
WriteFile
FlushFileBuffers
SetFilePointer
GetLocalTime
InterlockedDecrement
Sleep
GetTempPathA
DeleteFileA
GetLastError
CreateFileA
GetFileSize
ReadFile
CloseHandle
CopyFileA
GetVersionExA
lstrlenA
LocalFree
WideCharToMultiByte
GetModuleHandleA

user32

GetSystemMetrics

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
ChangeServiceConfigA

ole32

CoInitialize
OleRun
CoCreateInstance

oleaut32

VariantClear
SysAllocString
GetErrorInfo
SysFreeString

msvcrt

wcslen
_CxxThrowException
sprintf
malloc
time
_ftol
strncpy
printf
strstr
sscanf
??2@YAPAXI@Z
strrchr
strchr
free
rand
strncmp
srand
fclose
strtok
atoi
fgets
fopen
fprintf
gmtime
_stat
_stricmp
??3@YAXPAX@Z
__CxxFrameHandler
_splitpath
rename
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_strnicmp
??1type_info@@UAE@XZ

netapi32

Netbios

ws2_32

gethostname
WSAStartup
WSACleanup
send
select
connect
recv
closesocket
gethostbyname
htons
socket
__WSAFDIsSet

wininet

DeleteUrlCacheEntry

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

efd3f3802ee29aa1d1cfa1fcb877754a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

netapi32

ws2_32

wininet

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 13KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 13KB