6f7bc20c1301cf2d253849a35d641690_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f7bc20c1301cf2d253849a35d641690_JaffaCakes118
Size

30KB
MD5

6f7bc20c1301cf2d253849a35d641690
SHA1

a5dd622aafc5660e60eacdc6862d001f0a57cd2e
SHA256

ac1595c23a40c0e4f96c13249f8c9e359e4ac1e1f6fea81fefc975f306be2f8a
SHA512

8adb87c1e3aa6a34f6d7eabb711d5d0186490e786b3236b1dec5134d8668113b9d708486dde880887c9c308cb11f8baeb6eef6b41f1b8b291dc8500cd60aa589
SSDEEP

768:us68KDQu+Q4iCM1fr75JjdS6i04oVga5:bKxV1fr7bjdS8Z5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f7bc20c1301cf2d253849a35d641690_JaffaCakes118

Files

6f7bc20c1301cf2d253849a35d641690_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7f996fc66a88bbd90f1124d36cbe59a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
PathRemoveFileSpecA

wininet

InternetCheckConnectionA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile
InternetAttemptConnect
InternetOpenA

mfc42

ord924
ord922
ord2919
ord2820
ord3811
ord5651
ord3616
ord3663
ord6385
ord1979
ord5442
ord535
ord3318
ord665
ord3127
ord5186
ord350
ord354
ord941
ord2393
ord690
ord1988
ord6657
ord6881
ord1074
ord5204
ord6426
ord389
ord6283
ord538
ord6282
ord939
ord6876
ord2764
ord6877
ord860
ord4277
ord858
ord4278
ord5710
ord4129
ord825
ord1575
ord537
ord540
ord2818
ord800
ord815
ord561
ord823

msvcrt

_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
free
_mbschr
atoi
fseek
ftell
fread
_mbstok
_getdrive
_chdrive
_snprintf
_EH_prolog
__CxxFrameHandler
_mbscmp
printf
fopen
fwrite
fclose
time
srand
malloc
rand

kernel32

CreateFileA
GetLastError
Sleep
GetModuleHandleA
GetCommandLineA
FormatMessageA
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetComputerNameA
MoveFileExA
CreateProcessA
CloseHandle
GetFileSize
WriteFile
GetModuleFileNameA

user32

TranslateMessage
DispatchMessageA
GetMessageA
SetTimer
KillTimer

advapi32

StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceA
ChangeServiceConfig2A
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7f996fc66a88bbd90f1124d36cbe59a

Headers

File Characteristics

Imports

shlwapi

wininet

mfc42

msvcrt

kernel32

user32

advapi32

msvcp60

Sections

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 160B - Virtual size: 160B

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 160B - Virtual size: 160B