c173aac8f5277f9d80ffb3b86ec39c9d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c173aac8f5277f9d80ffb3b86ec39c9d_JaffaCakes118
Size

240KB
MD5

c173aac8f5277f9d80ffb3b86ec39c9d
SHA1

947f158e5190ef70255d4d7e5f6882d5d94fc945
SHA256

4876b3ca6577ad0f3e6a492d6a8e7472fcf8ced90dcd4aeb6538fee59dd18a5e
SHA512

9e83fbe5d44103fe5de5954be0100f3afd4271388d1804f9a6355e32511597f3a43b0cfb5e5067afb437bcc151eab89a0ddeb8662b3bfd04160c0cd54c93881e
SSDEEP

3072:nwppFZPy4U1C+uksf5XkyG867cvyelSkPyjpjjIAY22FjN50E4CQXcRtz:nwpZyNIDnq7cjwQgvFaR50EVQKtz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c173aac8f5277f9d80ffb3b86ec39c9d_JaffaCakes118

Files

c173aac8f5277f9d80ffb3b86ec39c9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08cda287c1fcf88731e4311c7871398a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\unmanarc\FAT\proyectos\urcs\Release\urcs.pdb

Imports

ws2_32

bind
htons
htonl
socket
WSAStartup
connect
listen
send
recv
sendto
inet_addr
recvfrom
setsockopt
accept
inet_ntoa
gethostbyname
closesocket

kernel32

FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
SetLastError
GetLastError
IsBadWritePtr
IsBadReadPtr
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
lstrcpyA
CreateFileA
SetThreadPriority
ResumeThread
GetCurrentThreadId
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
lstrcpynA
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
lstrcmpA
lstrcatA
GetModuleHandleA
GetFileAttributesA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
ExitProcess
RtlUnwind
RaiseException
GetFileType
SetEnvironmentVariableA
SetCurrentDirectoryA
GetSystemTimeAsFileTime
GetDriveTypeA
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
CreateThread
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
LocalFree
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
Sleep
FindFirstFileA
FindNextFileA
FindClose
WinExec
MoveFileExA
MoveFileA
DeleteFileA
CreateDirectoryA
RemoveDirectoryA
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateProcessA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrlenA
CopyFileA
OpenProcess
TerminateProcess
CloseHandle
GetFullPathNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
InitializeCriticalSection

user32

SetWindowTextA
ShowWindow
ClientToScreen
DestroyMenu
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
PostQuitMessage
GetPropA
RemovePropA
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetWindowTextA
UnhookWindowsHookEx
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
ExitWindowsEx
SendMessageA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

SaveDC
RestoreDC
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RectVisible
PtVisible
ExtTextOutA
DeleteObject
SetMapMode
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
TextOutA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 34.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08cda287c1fcf88731e4311c7871398a

Headers

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

advapi32

comctl32

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 34.6MB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 34.6MB

.rsrc
Size: 48KB - Virtual size: 47KB