45937b3693f8c322da4cb8c8fe504ccc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45937b3693f8c322da4cb8c8fe504ccc_JaffaCakes118
Size

18KB
MD5

45937b3693f8c322da4cb8c8fe504ccc
SHA1

02e4d8c3f1b6493d7b47c2b7bbca88bbb279fb92
SHA256

69d96bbc685ab69c644a79f5b5e585f9498e9b27a2a485ec92843b01cdceb75d
SHA512

f9c521b02df0cd8c322dfe8b377ab1ff2f46a6d18a47202d2098103cc5b42ec4f68df87e8d388cf8f2a863f5c2453cc2a94e9e1a8d93e5984aa28932098152fb
SSDEEP

384:B0qbURWVU1vSzbUSIPcvPRuoq2HQOUsdzs5zohH0Ng61jXwF5:B0qb+183IUv1HQOzdzdx0K8jXwF5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45937b3693f8c322da4cb8c8fe504ccc_JaffaCakes118

Files

45937b3693f8c322da4cb8c8fe504ccc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9239d5a6d6333a5719310b5fb46baa8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
GetThreadContext
CreateProcessA
lstrcatA
GetSystemDirectoryA
TerminateProcess
GetLastError
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
lstrcmpiA
GetModuleFileNameA
CreateMutexA
ReleaseMutex
GetStartupInfoA
CreateThread
CloseHandle
DeleteFileA
GetFileAttributesA
lstrcpyA
InterlockedDecrement
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
lstrlenA
CopyFileA
LocalFree

user32

wsprintfA

advapi32

RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA

ole32

OleRun
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

GetErrorInfo
SysFreeString
VariantClear

wininet

HttpSendRequestA
InternetReadFile
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
InternetOpenA

netapi32

Netbios

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

msvcrt

_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
exit
wcslen
_CxxThrowException
strchr
_strnicmp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
free
_stricmp
atoi
strncpy
strcspn
strstr
__CxxFrameHandler
_except_handler3
printf
??2@YAPAXI@Z
sprintf
strncat

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9239d5a6d6333a5719310b5fb46baa8a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

netapi32

msvcp60

msvcrt

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 4KB