f9ec7b6f8a116fd50a4cab5e690efad0_JaffaCakes118

General

Target

f9ec7b6f8a116fd50a4cab5e690efad0_JaffaCakes118
Size

119KB
MD5

f9ec7b6f8a116fd50a4cab5e690efad0
SHA1

1a942553062cc867cd3d95633f28ac3c47e6b3eb
SHA256

70f6d487776c2b29c0607758a2652276977c51d07ba3070dbbac5e8f7121e59f
SHA512

90d71bc83836a64d6436e15420a610216e69373e2ec785f89a372dc7b22595e416ad41394813333836075db128628fe70effe761a3dc9229138294c63ca19099
SSDEEP

1536:3LJe8kK74fOaPofcanil2bedbJR+kzZmgQDcJXdbNtJa/+lj6sDPZnJU8:3dFkKMfOaPo0bqeXZmgQAJXdbNi/+l/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9ec7b6f8a116fd50a4cab5e690efad0_JaffaCakes118

Files

f9ec7b6f8a116fd50a4cab5e690efad0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e07d33b7bc0c89a0adeeeb414228c08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSASocketA
WSAIoctl
gethostbyname
connect
send
recv
WSAStartup
socket
WSAGetLastError
WSACleanup
htons
bind
listen
select
__WSAFDIsSet
accept
closesocket

kernel32

GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetStdHandle
InterlockedExchange
VirtualQuery
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
GetVersionExA
GetModuleFileNameA
DeleteFileA
Sleep
CloseHandle
Process32Next
TerminateProcess
OpenProcess
VirtualProtect
CreateToolhelp32Snapshot
MoveFileA
GetLastError
CreateProcessA
CreateDirectoryA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetSystemInfo
GetLocaleInfoA
SetEndOfFile
ReadFile
LCMapStringA
Process32First
IsBadWritePtr
FlushFileBuffers
SetConsoleCtrlHandler
GetCurrentProcessId
LCMapStringW
IsBadReadPtr
HeapValidate
GetSystemTimeAsFileTime
DebugBreak
RaiseException
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
SetHandleCount
GetFileType
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetProcessHeap
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteExA
SHChangeNotify

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e07d33b7bc0c89a0adeeeb414228c08

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

shell32

Sections

.text Size: 104KB - Virtual size: 104KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 8KB - Virtual size: 8KB