64640b8f5aa68643d7864fe3f1e68bfb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64640b8f5aa68643d7864fe3f1e68bfb_JaffaCakes118
Size

72KB
MD5

64640b8f5aa68643d7864fe3f1e68bfb
SHA1

08968f3843a7264969f70c35dc3a22bcc357efbe
SHA256

70929280140c9f5e2e8f2f672b9a5bc2224cd559a06f1344f1370550ce52eb7e
SHA512

4d199ca6b67fcb3f095d8d0d974e38e7a3a1a2ac9349623a8f1881e113a88f4d7ef4a6846c22da9179deeb384f694e40ef51be2abf9f0562dbc96d51679c8102
SSDEEP

768:KtsL3Aq0aumj8m3z3vigRQJvOyDCl8P/VUKwEkhzsw6oSjg0iS3d1cIauHp59/Zd:8Z55ml3DqB9WwkrZ1IUuHbPoEzCw1k2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64640b8f5aa68643d7864fe3f1e68bfb_JaffaCakes118

Files

64640b8f5aa68643d7864fe3f1e68bfb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1448371778f8eace0b3478ebbfe36bb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\MPLAB_NET\src\MPRIICD3CMD\Release_RealICE\MPRealICECMD.pdb

Imports

kernel32

CloseHandle
CreateFileA
Sleep
GetVersionExA
ReadFile
MulDiv
GetModuleHandleA
GetProcAddress
WaitForSingleObject
GetSystemInfo
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CLSIDFromString
CoTaskMemFree
CoGetClassObject
CoInitialize
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries

oleaut32

VariantClear
VariantInit

msvcp71

?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr71

_getch
_stricmp
_close
printf
strlen
sscanf
strpbrk
strncpy
strcpy
__CxxFrameHandler
mbstowcs
strcat
strncmp
_dup
fclose
memset
fgets
ftell
fseek
fopen
free
fflush
fputc
fsetpos
fgetpos
_purecall
memcmp
_iob
wcstombs
wcslen
sprintf
wcscmp
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
malloc
_callnewh
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
__dllonexit
_onexit
_controlfp
??3@YAXPAX@Z
_fileno

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1448371778f8eace0b3478ebbfe36bb2

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ole32

oleaut32

msvcp71

msvcr71

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 840B

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 840B