Static task
static1
Behavioral task
behavioral1
Sample
cef946cfefc4d44aac0a97cb6a44d448_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
cef946cfefc4d44aac0a97cb6a44d448_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
cef946cfefc4d44aac0a97cb6a44d448_JaffaCakes118
-
Size
39KB
-
MD5
cef946cfefc4d44aac0a97cb6a44d448
-
SHA1
9903e1937ac897c736023837e23caa94c0f7bc0e
-
SHA256
4f43d5d6c5919874539d9a2351fcdc8e0833044b378b33d8e5bd64218d248b6f
-
SHA512
a10a51aece935363512fcfed316c5a941b43d2bbc0773610d623f9aff8619b2040e53159b11832b72ee71e935242654eb3431f07f727144b944276c837152793
-
SSDEEP
384:Hi3QffvFWy1I2TSEMMHd/v1p0k7rFC7/TFI47PwVCH8u5ji0nLENBD:HMQffvFpDThV9XdFirTUgj/LED
Malware Config
Signatures
-
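Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; this sample is unsigned, so its publisher and integrity cannot be verified from the file itself.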
resource cef946cfefc4d44aac0a97cb6a44d448_JaffaCakes118
Files
-
cef946cfefc4d44aac0a97cb6a44d448_JaffaCakes118.exe windows:4 windows x86 arch:x86
32e6b67862f1171a97fc8fe8521eb7fd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThread
SetPriorityClass
lstrcatA
SetThreadPriority
GetShortPathNameA
GetModuleHandleA
GetStartupInfoA
ResumeThread
CopyFileA
GetLastError
lstrlenA
GetModuleFileNameA
SetFileAttributesA
GetSystemDirectoryA
CreateProcessA
GetCurrentProcess
GetTickCount
CreateThread
ExitThread
Sleep
GetComputerNameA
lstrcpyA
LoadLibraryA
GetEnvironmentVariableA
GetProcAddress
user32
ExitWindowsEx
wsprintfA
MessageBoxA
comdlg32
GetFileTitleA
advapi32
RegSetValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
StartServiceA
CreateServiceA
CloseServiceHandle
mfc42
ord924
ord2915
ord2764
ord4129
ord800
ord535
ord2818
ord540
ord6877
ord939
ord4278
ord860
ord6663
ord858
ord922
ord6648
ord926
ord537
msvcrt
atoi
__CxxFrameHandler
srand
time
printf
strstr
_except_handler3
strtok
exit
free
malloc
strncmp
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
rand
msvcp60
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
ws2_32
gethostbyname
sendto
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
inet_ntoa
gethostname
socket
htonl
send
connect
closesocket
recv
WSAGetLastError
WSACleanup
Sections
.data Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
h1 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h1 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h2 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h3 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h4 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h5 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h6 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h7 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h8 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h9 Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE