e8e046311747c6d122b3fa7cef45f125_JaffaCakes118

General

Target

e8e046311747c6d122b3fa7cef45f125_JaffaCakes118
Size

88KB
MD5

e8e046311747c6d122b3fa7cef45f125
SHA1

332247b9959fe9af0e19e2fd44e27c4d96d7e62c
SHA256

506b313e2b314e838164ce377ef5bb9b26e8c27ea24ac25237b7a9d3b0891487
SHA512

213d37121f4c2eb180f5dd706d547a4bfc3452b51e7ffa4cabccebf98e5213b14e9b67d77aef0e27987701254330384891d157c33426cb402c2f523c28906c37
SSDEEP

768:rCEFbflmnWXyVbwyAXbpayUuqc2DxO+jaTvOEee+DMwZiB9Dh68AGv/OMvgeld2r:rcWvXb3hqcbjfQaxF+Mvgy2eozd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8e046311747c6d122b3fa7cef45f125_JaffaCakes118

Files

e8e046311747c6d122b3fa7cef45f125_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4b4931dbf8040fbe1c8ced322b3e83d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FlushFileBuffers
SetEnvironmentVariableA
GetVersion
CompareStringA
SetStdHandle
LoadLibraryA
CompareStringW
GetTimeZoneInformation
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetLastError
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
GetSystemTime
GetLocalTime
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RaiseException
GetProcAddress
HeapAlloc
WideCharToMultiByte
HeapReAlloc
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
CloseHandle

user32

KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
PostMessageA

advapi32

GetUserNameA

ws2_32

socket
WSAStartup
connect
htons
inet_addr
gethostname
gethostbyname
closesocket
recv
send

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e4b4931dbf8040fbe1c8ced322b3e83d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 17KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 17KB