966a261e3a2ce2e35db7f7b2d55c3ab6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

966a261e3a2ce2e35db7f7b2d55c3ab6_JaffaCakes118
Size

61KB
MD5

966a261e3a2ce2e35db7f7b2d55c3ab6
SHA1

e442928e523fc3fb9a71683a43798ec09bdd6e20
SHA256

5d94f58c4ce661082a419ef65400160ad9094b79cc88adf943b9c494d722f34c
SHA512

b11d9432deb6578bd55fc7735ffd0c282246f3fe15bbcf10d1e62773204efa4ddc565663436f63189ba82c7ed17843cdf23b2fa3e39be7963f8e4ae24a7d608b
SSDEEP

768:dzLU1EAUw0vdipurxks0UkGvw9n0xDQ50Aim8e5HH:JL4Uquks0UO10xD/md

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966a261e3a2ce2e35db7f7b2d55c3ab6_JaffaCakes118

Files

966a261e3a2ce2e35db7f7b2d55c3ab6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6be06ccf7a754f083e5eafc067a8390

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord825
ord2414
ord3663
ord3626
ord2243
ord3619
ord537
ord6877
ord800
ord823

msvcrt

exit
_acmdln
__getmainargs
_initterm
wcstombs
strncmp
_adjust_fdiv
wcslen
_except_handler3
_mbsstr
_controlfp
_XcptFilter
_CxxThrowException
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
strstr
strncpy
tolower
isspace
isprint
free
sprintf
__CxxFrameHandler
isalnum
malloc
_stricmp

kernel32

LocalFree
GetStartupInfoA
GetModuleHandleA
GetCurrentThreadId
DeleteFileA
GetComputerNameA
WinExec
CreateThread
GetLocalTime
lstrlenW
Sleep
WriteFile
CreateMutexA
ReleaseMutex
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetVersionExA
CloseHandle
DeviceIoControl
CreateFileA
GetLastError
SetPriorityClass
GetCurrentProcess
ExitProcess

user32

TranslateMessage
DispatchMessageA
GetWindowLongA
GetMessageA
FindWindowExA
SetActiveWindow
wsprintfA
MessageBoxA
SendMessageTimeoutA
RegisterWindowMessageA
GetWindowRect
GetClientRect
BringWindowToTop
LoadCursorA
SetCursor
SetFocus
PostQuitMessage
FindWindowA
CreateWindowExA
ShowWindow
UpdateWindow
EnumChildWindows
SendMessageA
GetForegroundWindow
GetWindowTextA
GetClassNameA
WindowFromPoint
GetCursorPos
SetForegroundWindow
MoveWindow
PostThreadMessageA
GetInputState
DefWindowProcA
RegisterClassExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
VariantClear
SysAllocString

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Xlen@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

iphlpapi

GetAdaptersInfo

ws2_32

socket
htons
inet_addr
connect
closesocket
send
recv
WSACleanup
WSAStartup

shlwapi

StrStrIA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6be06ccf7a754f083e5eafc067a8390

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

ole32

oleaut32

msvcp60

iphlpapi

ws2_32

shlwapi

Sections

.text Size: 60KB - Virtual size: 59KB

.text
Size: 60KB - Virtual size: 59KB