e7801c3702c8baef03f3b6e36e776b46_JaffaCakes118

General

Target

e7801c3702c8baef03f3b6e36e776b46_JaffaCakes118
Size

37KB
MD5

e7801c3702c8baef03f3b6e36e776b46
SHA1

3fe1da5cb1435fe838c9025770fcd483502d8056
SHA256

44a4a64b82b137455b8bc4751d396d7fcab14e5023c31bea861f01ec52da4121
SHA512

eb2e64e3648f279cd171dbe567af98e8ac53c438bd25f1eb2928daa67ea106fed37d6f138ebe62a77e5d9bec99efa625a2dcfdcbfe61e4350e5b9573fd4a7c61
SSDEEP

384:PZYy0fEV3abF5YCKz1Xo0iGJA3xIG9u3znCr0C/60nWsp+C1GMMMSG9kuGZ+:BYswF5YCKxXoTiSOnCrb/6NsTH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7801c3702c8baef03f3b6e36e776b46_JaffaCakes118

Files

e7801c3702c8baef03f3b6e36e776b46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

998a445e3a6fb6c6281577b5a6ac0834

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
SetFileTime
CloseHandle
GetFileTime
CreateFileA
Sleep
DeleteFileA
LocalFree
WideCharToMultiByte
lstrlenW
GetCommandLineW
ExitProcess
lstrcpyA
CreateMutexA
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
GetUserDefaultLangID
FindNextFileA
FindFirstFileA
GetEnvironmentVariableA
GetTickCount
lstrcatA
GetStartupInfoA
LoadLibraryA
GetProcAddress
GetLastError
lstrlenA
GetModuleHandleA

user32

wsprintfA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetFolderPathA
CommandLineToArgvW

ws2_32

inet_addr
accept
WSAGetLastError
recv
gethostbyname
inet_ntoa
listen
bind
gethostname
ioctlsocket
htons

netapi32

NetShareEnum
NetApiBufferFree

msvcrt

_strcmpi
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_strdup
_acmdln
exit
_XcptFilter
_exit
time
_except_handler3
toupper
strstr
malloc
fclose
ftell
fseek
fopen
fwrite
fputs
fread
memset
strlen
sscanf
strcpy
free
strcat
abs
strrchr
strcmp
printf
atoi

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

998a445e3a6fb6c6281577b5a6ac0834

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

netapi32

msvcrt

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 67KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 67KB