2a64204792be2bda9e624235d2e7d3dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a64204792be2bda9e624235d2e7d3dc_JaffaCakes118
Size

85KB
MD5

2a64204792be2bda9e624235d2e7d3dc
SHA1

0b0f5dd6d53eeb57bc5bdcf114fa951a680d0359
SHA256

6da09afd65e8d4b010f1bc17ca60a07a72232d7418e175a1422de81133ca5bf5
SHA512

c8bd4fdc85afa5cbe5cce809eca60e2457f03b9c68770317edbbef500ec5a5407a259dd643e5060a57f7b1fcbbde5108b105ab1628430c36e4d719ad577200d1
SSDEEP

768:1lyB6/LbEsIpsiRRpeKQneT+DfQkpNEQRaIyz3048CEpuH8YqeCpF1t2TkcR+QWw:1lyBMap937dT270TbHzqeCprI1+Qqe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a64204792be2bda9e624235d2e7d3dc_JaffaCakes118

Files

2a64204792be2bda9e624235d2e7d3dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b63397121742fef3067783352c4e1323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\temp\208.pdb

Imports

kernel32

_lread
GetFileSize
OpenFile
GetLocaleInfoA
_lwrite
_lclose
GetVolumeInformationA
CreateProcessA
GetSystemDirectoryA
FindFirstFileA
FindClose
OpenMutexA
FindNextFileA
CreateMutexA
GetVersionExA
GetTempPathA
SystemTimeToFileTime
GetTimeZoneInformation
GetLocalTime
GetSystemTime
WaitForMultipleObjects
GetLogicalDrives
ReadFile
SetCurrentDirectoryA
GetCurrentDirectoryA
GetTickCount
GetCommandLineA
GlobalSize
ExitProcess
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetModuleHandleA
DeleteFileA
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetCurrentProcess
CreateFileA
CreateThread
ResumeThread
GetModuleFileNameA
lstrcatA
Sleep
SetUnhandledExceptionFilter

user32

wsprintfA

advapi32

RegSetValueExA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegCloseKey
RegOpenKeyA
DeleteService
ControlService
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
RegisterServiceCtrlHandlerExA
ChangeServiceConfigA
StartServiceA
CreateServiceA
OpenServiceA

msvcrt

rand
__dllonexit
_onexit
srand
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit

shlwapi

StrCSpnA
StrSpnA

ws2_32

inet_addr
connect
ioctlsocket
getsockname
WSAGetLastError
gethostname
gethostbyaddr
WSAWaitForMultipleEvents
WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACloseEvent
htons
shutdown
setsockopt
WSACleanup
recv
socket
closesocket
gethostbyname
inet_ntoa
send
WSAStartup
ntohl
select

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

iphlpapi

GetAdaptersInfo

dnsapi

DnsRecordListFree
DnsQuery_A

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b63397121742fef3067783352c4e1323

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

ws2_32

wininet

iphlpapi

dnsapi

Sections

.text Size: 85KB - Virtual size: 84KB

.text
Size: 85KB - Virtual size: 84KB