fbe335ac161c89e560cccf5de7990872_JaffaCakes118

General

Target

fbe335ac161c89e560cccf5de7990872_JaffaCakes118
Size

28KB
MD5

fbe335ac161c89e560cccf5de7990872
SHA1

6b6471c7800e353e8f960f339aba00f6ab2397c4
SHA256

27b3628dac2cce6cd14ff4a46c5424945ce6622ac9f5a9da05dc8e5f884686ed
SHA512

9dbbabe5878864418bd9a099e10720f5b0a3755c1a3fb9147311d7feb14c327526c0e1d1f7ccb6eddc2c6eec4f6d28ad6fd9c7c2af01df6dfe68c08bfb78b3cc
SSDEEP

384:asmj2EfJtChhQbaNq8/METsZS8zGdnWQzU1bseOQ:dmjPaN5Lq5zGQQzmbse

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbe335ac161c89e560cccf5de7990872_JaffaCakes118

Files

fbe335ac161c89e560cccf5de7990872_JaffaCakes118
.exe windows:4 windows x86 arch:x86

695ed4a1d8ee7bcdfba183b0b69b4b0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetVersionExA
lstrlenA
CreateMutexA
GetSystemDirectoryA
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
CreateProcessA
TerminateProcess
GetLastError
ExitProcess
WaitForSingleObject
CloseHandle
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetTickCount
CreateThread
CopyFileA
Sleep
ExitThread
GetModuleHandleA
lstrcatA
GetStartupInfoA

user32

wsprintfA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegQueryValueExA

ws2_32

WSAStartup
send
select
__WSAFDIsSet
recv
gethostbyname
htons
socket
closesocket
setsockopt
WSAIoctl
connect
inet_addr

msvcrt

_exit
_adjust_fdiv
_controlfp
__set_app_type
__p__fmode
realloc
malloc
strstr
atoi
strncpy
strcspn
sprintf
localtime
time
strncmp
_except_handler3
free
rand
__setusermatherr
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__p__commode

iphlpapi

GetIfTable

Exports

Exports

heiyuxhj

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

695ed4a1d8ee7bcdfba183b0b69b4b0d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

msvcrt

iphlpapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB