53412995358d9cc75ff246aab67b6f14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

53412995358d9cc75ff246aab67b6f14_JaffaCakes118
Size

526KB
MD5

53412995358d9cc75ff246aab67b6f14
SHA1

1733b37f2d75767605543db39c1d36f4bce04bde
SHA256

5a21e3f4ef1cde0cd99251a60b26f7fb495fa35b02144d70318780fa0cfa077a
SHA512

7a6f5f02fbc42260962d7ed2738ab2b82d0cff116e752b1e4e5ffbbb3dd27d12e688e738a6cf0282421bd8f7884e4fcd233722ed88f7ca0b768a14ce2f3ec550
SSDEEP

12288:cbYutN1YTyql/8BjfAq/aEn6Z4Fpi7Va1GweILXRjpHGDcjgLByHB:KYTyqd8j9/adZYk7w1GweILXRjpKcjgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53412995358d9cc75ff246aab67b6f14_JaffaCakes118

Files

53412995358d9cc75ff246aab67b6f14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f46852492ba14d97250dcad33ed4df4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

z:\120-[ModBot]-V1.0.rar\120-[ModBot]-V1.0\120\120.pdb

Imports

kernel32

DeleteFileA
CloseHandle
CreateProcessA
OpenProcess
GetCurrentProcessId
Sleep
GetLastError
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateMutexA
GetTickCount
MoveFileA
GetTempPathA
CreateThread
ExitThread
ReadFile
SetFilePointer
GetFileSize
CreateFileA
GetLocalTime
WriteFile
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentProcess
CreatePipe
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetTimeFormatA
GetDateFormatA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
TerminateProcess
GetLogicalDrives
TransactNamedPipe
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryA
GetProcAddress
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
GetLocaleInfoA
GetVersionExA
GlobalMemoryStatus
TerminateThread
CreateEventA
CompareStringW
CompareStringA
VirtualQuery
SetEndOfFile
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
DebugBreak
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
InterlockedIncrement
InterlockedDecrement
HeapValidate
IsBadReadPtr
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSection
GetModuleFileNameW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
RaiseException
QueryPerformanceCounter
FreeEnvironmentStringsA

user32

wsprintfA

ws2_32

inet_addr
connect
WSACleanup
WSAStartup
socket
gethostbyname
htons
bind
listen
select
send
__WSAFDIsSet
accept
recv
closesocket
ioctlsocket
setsockopt

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f46852492ba14d97250dcad33ed4df4

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

ws2_32

version

Sections

.text Size: 421KB - Virtual size: 421KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 18KB - Virtual size: 331KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 421KB - Virtual size: 421KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 18KB - Virtual size: 331KB

.rsrc
Size: 512B - Virtual size: 176B