773108e4556d07a03045629e69d69650_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

773108e4556d07a03045629e69d69650_JaffaCakes118
Size

32KB
MD5

773108e4556d07a03045629e69d69650
SHA1

5593fd3324c730574cc8212786f6cf270ec47aa7
SHA256

da9dd4fb5a16c06c6ba02a4ef133c5806a222bd72662f39ca5fe2bf6453c0701
SHA512

470d99843c1d936adca9f6a23eccfe985b73f950180aa843b3a64546f31ba445df7aa8caf9e3361b0dc3a16f1d962f1578961945c293d85270df1ca7e0f21580
SSDEEP

384:MnSmI9ZEPpZVHMKsIOY4lm78vdoEAWUDDiDNDkfVRaT8NSo9BIiB1yhnEliHSW0j:uWvhbveEAVdUJbi/yhEl3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
773108e4556d07a03045629e69d69650_JaffaCakes118

Files

773108e4556d07a03045629e69d69650_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ff6741bc285514e28658c54c82e71d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord354
ord350
ord540
ord860
ord823
ord5186
ord5651
ord1979
ord825
ord800
ord665
ord3318
ord5442
ord5773
ord6385
ord3663
ord3616
ord3127

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
atoi
_local_unwind2
__p___argc
__p___argv
sprintf
printf
strncpy
_except_handler3
memmove
__CxxFrameHandler
_stricmp
_snprintf

kernel32

GetCurrentProcess
CreatePipe
ExitThread
ReadFile
PeekNamedPipe
WriteFile
TerminateProcess
DuplicateHandle
TerminateThread
GetWindowsDirectoryA
WinExec
CreateFileA
SetFileTime
SystemTimeToFileTime
DisconnectNamedPipe
GetSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
WaitForMultipleObjects
GetStartupInfoA
GetModuleHandleA
LocalFree
LocalAlloc
Sleep
CloseHandle
CreateThread
CopyFileA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
CreateProcessA
GetFileTime

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
ControlService
QueryServiceStatus
OpenServiceA
StartServiceA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegSetValueExA

ws2_32

ntohl
WSACleanup
WSAStartup
htonl
inet_ntoa
select
recv
send
WSAGetLastError
inet_addr
htons
socket
ioctlsocket
connect
closesocket

secur32

InitSecurityInterfaceA

crypt32

CertFreeCertificateContext
CertOpenSystemStoreA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ff6741bc285514e28658c54c82e71d5

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

ws2_32

secur32

crypt32

wininet

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 992B

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 992B