2731e81229fa4b0b1a52bf06cbbded6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2731e81229fa4b0b1a52bf06cbbded6b_JaffaCakes118
Size

178KB
MD5

2731e81229fa4b0b1a52bf06cbbded6b
SHA1

87af754b85ef48fd929a675b2a4eec05fd8f75bc
SHA256

ec9ef2d0c7a9bc3e46b8a19332aaf17743638f2e9e45331d549556fbd4f6ced6
SHA512

f6b3f150edd64a1bde2711b1024d48f1adebed128db4dce0d5243456e8b09752707c0636b14473b7bfb8c1fa3f79ada0372ac16298693df7623d79ce08c8026d
SSDEEP

3072:6Rru1zonn5ynWQo5eTq97UX8h0dizJGEl/LwAGV/ATUfkTClIuBWKY1R:6Ry1CnQsem9gXJ8JLDwDdATUfkTClNBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/nastroit_internet_na_telefone_yutel.exe

Files

2731e81229fa4b0b1a52bf06cbbded6b_JaffaCakes118
.zip
nastroit_internet_na_telefone_yutel.exe
.exe windows:4 windows x86 arch:x86

92660e52b2f932507ad13dd3fad35834

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
CreateFileW
VirtualAlloc
LoadLibraryA

user32

LoadIconA
LoadCursorA

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
isdigit
time
srand
rand

advapi32

RegOpenKeyA
RegQueryValueExW
RegSetValueExW
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueW
RegCreateKeyW
RegCloseKey

Sections

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata52
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata51
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata5
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggg14
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg13
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg12
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

92660e52b2f932507ad13dd3fad35834

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

.data Size: 1KB - Virtual size: 2KB

.rdata52 Size: 30KB - Virtual size: 30KB

.rdata51 Size: 1024B - Virtual size: 1000B

.rdata5 Size: 200KB - Virtual size: 200KB

.text Size: 4KB - Virtual size: 3KB

ggg14 Size: 2KB - Virtual size: 1KB

ggg13 Size: 2KB - Virtual size: 1KB

ggg12 Size: 2KB - Virtual size: 2KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 512B - Virtual size: 44KB

.data
Size: 1KB - Virtual size: 2KB

.rdata52
Size: 30KB - Virtual size: 30KB

.rdata51
Size: 1024B - Virtual size: 1000B

.rdata5
Size: 200KB - Virtual size: 200KB

.text
Size: 4KB - Virtual size: 3KB

ggg14
Size: 2KB - Virtual size: 1KB

ggg13
Size: 2KB - Virtual size: 1KB

ggg12
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 512B - Virtual size: 44KB