cdf6f2330b7eddd7b721d46eb1cbcd36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cdf6f2330b7eddd7b721d46eb1cbcd36_JaffaCakes118
Size

108KB
MD5

cdf6f2330b7eddd7b721d46eb1cbcd36
SHA1

9668c5407b8de04f254c1bccfb80e70f60068cac
SHA256

b8d9c5467015a6b2fa69e521dbe18a7f0c5d6759166eabb1c37ad2dc6d0be8e5
SHA512

b0f7c3ba117b5e4c06d1a595d45911d78386a5f72a63b4d6d4e7390864433efe4a9fb92b2490c40c87b5dcf6688bdbb71b6fe8ea8695ab62514d4460f5b577f6
SSDEEP

1536:FSZskbpJLB9/6U18lvieqSAslHFBD7Bh+DF0z:FSZJpJL/6U18lQ/6Lph+DF0z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdf6f2330b7eddd7b721d46eb1cbcd36_JaffaCakes118

Files

cdf6f2330b7eddd7b721d46eb1cbcd36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

faa736b90862f35b80a87e92c1a8b64c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\llomo\client\NetWorkDNS\Release\SmartNet.pdb

Imports

kernel32

CreateThread
VirtualProtect
GetLocaleInfoA
FlushFileBuffers
CloseHandle
LCMapStringA
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
DeleteFileA
GetTickCount
WinExec
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
Sleep
LCMapStringW
GetCurrentThreadId
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
HeapSize
IsBadWritePtr
ExitProcess
GetLastError
WriteFile
GetFileType
CreateFileA
RtlUnwind
RaiseException
ReadFile
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
SetHandleCount
GetStdHandle
SetFilePointer
SetEndOfFile
HeapFree
SetUnhandledExceptionFilter
InterlockedExchange
VirtualQuery
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetSystemInfo

user32

PostThreadMessageA

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
CreateServiceA
CloseServiceHandle
StartServiceA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
StartServiceCtrlDispatcherA

urlmon

URLDownloadToFileA

sensapi

IsNetworkAlive

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

faa736b90862f35b80a87e92c1a8b64c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

urlmon

sensapi

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 48KB - Virtual size: 47KB