3af61e3a3105cc39bfa302187dca2ae2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3af61e3a3105cc39bfa302187dca2ae2_JaffaCakes118
Size

21KB
MD5

3af61e3a3105cc39bfa302187dca2ae2
SHA1

cc4924b709b5a9ceca4a30654c9d167390c2bc32
SHA256

cdf56f99821720bdf8fc51836e4337141c9979391685fc2e740680f5a48d0706
SHA512

1f9f2fe25833054fece981333c6a0170cdd854e91a2983ab6de06ff63ed754fb4d47fcf47d2a6c60fd6915ea44a3d8a71e0a964750cd427c6b43318d2daeb541
SSDEEP

384:JOCZamHu7gv+f63KsL9/5kGgb2vbXdBac+J:AJmO0rZBMcdgcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af61e3a3105cc39bfa302187dca2ae2_JaffaCakes118

Files

3af61e3a3105cc39bfa302187dca2ae2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87006636d091e1a6dc1765e79130fd15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord540
ord2818
ord535
ord537
ord2764
ord6648
ord4129
ord800
ord2915
ord823
ord825

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_CxxThrowException
_stricmp
??1type_info@@UAE@XZ
free
_onexit
__dllonexit
_except_handler3
exit
strncmp
atoi
strstr
strchr
strtok
time
srand
rand
printf
realloc
malloc
_ftol
sprintf
__CxxFrameHandler
wcslen

kernel32

WideCharToMultiByte
LocalFree
CloseHandle
TerminateThread
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
MultiByteToWideChar
GlobalMemoryStatus
GetStartupInfoA
GetModuleHandleA
CopyFileA
SetFileAttributesA
GetLastError
lstrlenA
GetProcessHeap
GetComputerNameA
CreateThread
GetSystemDirectoryA
GetModuleFileNameA
GetVersionExA
InterlockedDecrement
ExitThread
Sleep
GetCurrentProcessId
GetTickCount
HeapAlloc
GetShortPathNameA

user32

wsprintfA

comdlg32

GetFileTitleA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
RegOpenKeyA
StartServiceA
OpenServiceA
CreateServiceA
OpenSCManagerA
RegSetValueExA

shell32

ShellExecuteA

oleaut32

SysFreeString
VariantClear
SysAllocString

ws2_32

closesocket
WSAGetLastError
send
__WSAFDIsSet
select
connect
recv
inet_ntoa
socket
WSAStartup
WSASocketA
setsockopt
htons
inet_addr
gethostbyname
sendto
htonl
gethostname

urlmon

URLDownloadToFileA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87006636d091e1a6dc1765e79130fd15

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

comdlg32

advapi32

shell32

oleaut32

ws2_32

urlmon

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1KB - Virtual size: 242KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1KB - Virtual size: 242KB