7732d22eb4d69380bc7633be41831127_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7732d22eb4d69380bc7633be41831127_JaffaCakes118
Size

45KB
MD5

7732d22eb4d69380bc7633be41831127
SHA1

7b5fb262503ebc29fef9051b73026d0439967aef
SHA256

e33f14c5f8646bbca80898f1c1071595968187bc78fed0c877e95dd8d87c4208
SHA512

62e4d6a6a189a7438194977c3c61c4ae660225fbf366720e60635dfa9594028c064c231dcbdad4f320d1f07da0aa3cb8008e8690e193fcae435f5179a3984aea
SSDEEP

768:LcK8hSplYPCOj/xswvg/d0SMjaOkmBD32RzF4NCQaqIt:4QpArj5sBd0SmaOj24NCQaqI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7732d22eb4d69380bc7633be41831127_JaffaCakes118

Files

7732d22eb4d69380bc7633be41831127_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46ff83986c3af1571ddbd68bc9186f18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

sendto
closesocket
recv
WSAGetLastError
socket
inet_addr
htons
setsockopt
gethostname
WSASocketA
connect
send
WSAAsyncSelect
WSAStartup
WSACleanup
htonl
gethostbyname

mfc42

ord2764
ord823
ord561
ord815
ord690
ord1988
ord800
ord5356
ord5808
ord5204
ord3229
ord2818
ord540
ord389
ord2846
ord537
ord825
ord4129
ord6648

msvcrt

fwrite
fclose
strstr
fread
fseek
fopen
sprintf
rand
srand
time
fputs
memmove
_stricmp
atoi
strncpy
strcspn
__CxxFrameHandler
exit
strtok
strchr
strncmp
_except_handler3
_strlwr
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
printf
_itoa
_controlfp

kernel32

GetStartupInfoA
GetProcessHeap
HeapAlloc
ExitThread
TerminateThread
GetVersionExA
GetComputerNameA
GlobalMemoryStatus
ExitProcess
GetVersion
GetCurrentProcessId
FreeLibrary
GetSystemTime
SetSystemTime
GetTempPathA
CreateProcessA
ResumeThread
GetFileSize
FindResourceA
LoadResource
LockResource
SizeofResource
WriteFile
GetCurrentProcess
GetFileTime
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFileTime
GetModuleHandleA
GetTickCount
CreateMutexA
GetLastError
lstrcmpiA
ExpandEnvironmentStringsA
GetWindowsDirectoryA
GetLocalTime
LoadLibraryA
GetProcAddress
CreateThread
CreateDirectoryA
RemoveDirectoryA
MoveFileA
SetFileAttributesA
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
GetLogicalDriveStringsA
lstrcpyA
lstrcatA
FindFirstFileA
FindNextFileA
lstrcmpA
FindClose
GetModuleFileNameA
GetSystemDirectoryA
GetFileAttributesA
CloseHandle
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
DeleteFileA
WinExec
CopyFileA
GetCurrentDirectoryA

user32

UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
PostQuitMessage
DefWindowProcA
GetMessageA
EnumChildWindows
GetForegroundWindow
GetWindowLongA
GetClassNameA
MessageBoxA
PostMessageA
GetCursorPos
WindowFromPoint
GetParent
GetWindowTextA
TranslateMessage
DispatchMessageA
IsWindow
SendMessageA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
DeleteService
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
QueryServiceStatus
StartServiceA
RegCloseKey
RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

shlwapi

SHDeleteKeyA
PathAppendA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46ff83986c3af1571ddbd68bc9186f18

Headers

File Characteristics

Imports

ws2_32

mfc42

msvcrt

kernel32

user32

advapi32

shell32

urlmon

msvcp60

shlwapi

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 253KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 253KB

.rsrc
Size: 6KB - Virtual size: 5KB