766aaa619dd1cc29c26b69dfad1d9f45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

766aaa619dd1cc29c26b69dfad1d9f45_JaffaCakes118
Size

336KB
MD5

766aaa619dd1cc29c26b69dfad1d9f45
SHA1

c9f37cd4c73090757ff20d80112fb5f0bce1c07c
SHA256

13fe3c84231de0860a3feafbed365de89aeebcae792431edcbed6ddbdb09ce7e
SHA512

fcd844a835956a25af2f63cfc338ef2d9e9f50bccd623d173d097db6f54d0a5b7275bea2a0327dfb97097929f758600b2b8e60a260db5e8704ddb649fad32424
SSDEEP

6144:yrm5dO8iW5DWLc3rRvsRJMMpTv+rWcie9TBixh6zRz2zM:Mm5kWYLc3rRvsDtTv+Ccie9TYoaA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
766aaa619dd1cc29c26b69dfad1d9f45_JaffaCakes118

Files

766aaa619dd1cc29c26b69dfad1d9f45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

409621c2dab6378dc27f9dceca842483

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Perfiles\joliva\Mis Documentos\Proyectos\Actualize 1G\Desarrollo\Setups\GeneralWS\Vlicws\Release\VLICWS.pdb

Imports

iphlpapi

GetAdaptersInfo

kernel32

GetLastError
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
lstrlenA
CompareStringA
CompareStringW
EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
WaitForSingleObject
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
InterlockedDecrement
GetCommandLineA
GetModuleFileNameA
TerminateProcess
RaiseException
CreateMutexA
LocalFree
DeleteFileA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetCurrentDirectoryA
DeviceIoControl
GetModuleHandleA
CloseHandle
CreateFileA
SetPriorityClass
GetCurrentProcess
FormatMessageA
HeapDestroy
HeapSize
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
SetEndOfFile
SetEnvironmentVariableA
GetTimeZoneInformation
GetLocaleInfoW
ReadFile
SetStdHandle
CreateProcessA
GetExitCodeProcess
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetFullPathNameA
OpenProcess
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
FlushFileBuffers
GetFileType
SetHandleCount
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
InterlockedIncrement
GetCurrentProcessId
GetStartupInfoA
RemoveDirectoryA
CreateDirectoryA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetFileAttributesA
GetOEMCP
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess

user32

MessageBoxA

advapi32

RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegFlushKey
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

oleaut32

SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysFreeString

ws2_32

getservbyname
htonl
inet_ntoa
htons
WSAGetLastError
inet_addr
WSACleanup
gethostbyaddr
getservbyport
ntohs
WSACloseEvent
WSAEnumNetworkEvents
WSAConnect
WSAGetOverlappedResult
WSASend
WSAResetEvent
WSARecv
WSAEventSelect
WSASetEvent
WSACreateEvent
WSAStartup
closesocket
WSASocketA
shutdown
send
getpeername
recv
gethostbyname

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

409621c2dab6378dc27f9dceca842483

Headers

File Characteristics

PDB Paths

Imports

iphlpapi

kernel32

user32

advapi32

ole32

shell32

oleaut32

ws2_32

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 72KB - Virtual size: 95KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 72KB - Virtual size: 95KB