d455268093bc5b8744801d7e06ed6abc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d455268093bc5b8744801d7e06ed6abc_JaffaCakes118
Size

140KB
MD5

d455268093bc5b8744801d7e06ed6abc
SHA1

99bc4ed6be7b68b91b0d8b9a2f9538f13658a6d1
SHA256

2b59ac269f22108844c07cf1c294494b1d4cf730639b4883130f77cfb521e72c
SHA512

a628fe112d32bcccd7d4a6d7b3a6e3f460477f279a62b5226b0824bdc33a715821a497c0f056f593569ecfbeeb2111d9f13c332ec2e5984ca7ebe41e9287782f
SSDEEP

1536:MlIJDk8lIk7ntHWcKd07zc2Cxoq0ZLrIMme41MTv6i8Zn7s2fJ:M6yrcnFKeIxoIcb87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d455268093bc5b8744801d7e06ed6abc_JaffaCakes118

Files

d455268093bc5b8744801d7e06ed6abc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9221fd1d88179679ba584831748ef778

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetAddConnection2A
WNetCancelConnectionA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

oleaut32

SysAllocString
SysFreeString
VariantClear

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

ws2_32

connect
ioctlsocket
socket
closesocket

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp
_onexit
strlen
strncpy
memset
memcpy
strcat
rand
strcpy
??2@YAPAXI@Z
_EH_prolog
__CxxFrameHandler
malloc
sprintf
realloc
free
strstr
__dllonexit
_CxxThrowException
wcslen
srand
memcmp
_snprintf
strcmp
strtok
_vsnprintf
strchr
_stricmp
atoi

kernel32

CreateDirectoryA
GetModuleHandleA
lstrlenA
GetStartupInfoA
LocalFree
WideCharToMultiByte
MultiByteToWideChar
CreateMutexA
ExpandEnvironmentStringsA
TerminateThread
GetProcAddress
LoadLibraryA
GetLocaleInfoA
GetVersionExA
SetFileAttributesA
CopyFileA
CreateFileA
ExitThread
GetTickCount
ReleaseMutex
GetFileAttributesA
GetLogicalDriveStringsA
GetDriveTypeA
lstrcatA
WriteFile
CreateProcessA
WaitForSingleObject
lstrcmpiA
Sleep
ExitProcess
CreateThread
GetTempPathA
GetLastError
InterlockedDecrement
OpenProcess
TerminateProcess
CloseHandle
GetModuleFileNameA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9221fd1d88179679ba584831748ef778

Headers

File Characteristics

Imports

mpr

advapi32

oleaut32

msvcp60

ws2_32

msvcrt

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 279KB

.rsrc Size: 110KB - Virtual size: 110KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 279KB

.rsrc
Size: 110KB - Virtual size: 110KB