40538fcb1dc8cca12e974d732c0ba938_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40538fcb1dc8cca12e974d732c0ba938_JaffaCakes118
Size

35KB
MD5

40538fcb1dc8cca12e974d732c0ba938
SHA1

9cb7acd28abc0c4dd1494c1320acf4792ec9e326
SHA256

fed069c72c17c5ca6411a233c013076d5e0b889a28bc164e82ad7714451bd2c5
SHA512

91bfb58ced5ed70f8f90cf5084f50029c9f4c4cc7f3637700331ccf761d70745a22f70fcbae95ba7467bd9163de48524786e23e4fb5a86e14779368db7cff5ae
SSDEEP

384:xE2jftjCbwYzJr2Is/o0T8kVqttvsftXQwPWNhp0mplOQcBuOcPHPdGB3EeQf+Ht:xzVfYNr0ghsZQwPWNh3lWwOc031Q2ew9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40538fcb1dc8cca12e974d732c0ba938_JaffaCakes118

Files

40538fcb1dc8cca12e974d732c0ba938_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e57feb171e56843d9367075f43de68b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetVersionExA
ReadFile
SetFilePointer
CreateFileA
GetLastError
CopyFileA
GetSystemDirectoryA
GetModuleHandleA
GetStartupInfoA
GlobalMemoryStatusEx
GetModuleFileNameA
DeleteFileA
CreateProcessA
LoadLibraryA
GetProcAddress
WaitForSingleObject
lstrlenA
OutputDebugStringA
CreateThread
TerminateThread
CloseHandle
ExitThread
GetShortPathNameA
Sleep

user32

wsprintfA

advapi32

StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
DeleteService
CreateServiceA

mfc42

ord825
ord823
ord800
ord4160
ord540
ord2915
ord4129
ord6648
ord2764
ord537
ord2818
ord6282
ord2846

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_initterm
__getmainargs
_acmdln
_exit
_onexit
__dllonexit
strncmp
exit
memchr
memmove
strtok
__CxxFrameHandler
strchr
rand
sprintf
strstr
atoi
time
srand
_XcptFilter
_except_handler3

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Winit@std@@QAE@XZ
?_Xran@std@@YAXXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ws2_32

inet_addr
htons
closesocket
recv
send
WSAGetLastError
socket
ioctlsocket
setsockopt
__WSAFDIsSet
gethostbyname
WSAStartup
connect
select

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e57feb171e56843d9367075f43de68b9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

mfc42

msvcrt

msvcp60

ws2_32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 160B

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 160B