f1c10effc51d6bc429c0ba44b4bd0616_JaffaCakes118

General

Target

f1c10effc51d6bc429c0ba44b4bd0616_JaffaCakes118
Size

35KB
MD5

f1c10effc51d6bc429c0ba44b4bd0616
SHA1

98c539199a45db392164b0010fd6f195b39e931d
SHA256

a5891de0eb97aa32c246ce45f49c9ea08c719e4ab49df432d511689d152142d0
SHA512

46d42464c7581b84ff9daf93983130ade59984c505f3b640356beb89ae3629590f77306e0d3be53b34bc41d999ec21824d062525f413e037d77f33531c624e98
SSDEEP

768:NbQ2fRWhY2yu9lh0PuE5J0V57KQ9wRQsAwiGReeUd7+rrPYh:Nb2VyuRyuE5J0VFKQ9waDGoeM+XPYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1c10effc51d6bc429c0ba44b4bd0616_JaffaCakes118

Files

f1c10effc51d6bc429c0ba44b4bd0616_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1db6ee2c6c9fb764854d8c57b8040e01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
lstrcpyA
FreeLibraryAndExitThread
ExitProcess
CreateProcessA
GetVersion
GetStartupInfoA
WriteFile
SetFileAttributesA
lstrlenA
GetEnvironmentVariableA
lstrcpynA
ExitThread
SetLastError
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateThread
CloseHandle
OpenFile
GetTickCount
GetWindowsDirectoryA
Sleep
TerminateThread
HeapAlloc
GetTempPathA
HeapFree
GetProcessHeap
HeapReAlloc

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

user32

wsprintfA
CharUpperBuffA

ws2_32

getsockopt
WSAGetLastError
listen
WSAStartup
getsockname
bind
select
connect
inet_addr
recv
gethostbyname
htons
setsockopt
htonl
send
__WSAFDIsSet
shutdown
closesocket
socket
ioctlsocket
accept

shlwapi

StrStrA
StrChrA
StrToIntA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1db6ee2c6c9fb764854d8c57b8040e01

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ws2_32

shlwapi

wininet

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 9KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 9KB

.reloc
Size: 2KB - Virtual size: 1KB