fd374a6812822b7ca02be10b8ffcdc19_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd374a6812822b7ca02be10b8ffcdc19_JaffaCakes118
Size

195KB
MD5

fd374a6812822b7ca02be10b8ffcdc19
SHA1

1ab8d157164b8cfdc49374a7a92db9688bb565de
SHA256

dd417a4269acd5c972f240d44e63c7b2537b8f05ad7f0e9dfe034a812f99cfeb
SHA512

43cbf4231f2401954bcb16d562e1d1345d983c9eb05334af4b209d2228f154baeaa759995a4d995f30e799db78d2fc8b5af259e0ea2f6ec5a6a7b5593217f979
SSDEEP

1536:M4yyS+cO7A+WqvAR4q/9hXMDVDauCXuX7+y15+A9PRGsGgi:M4lTLvAR4qlgDaOyyP+Kri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd374a6812822b7ca02be10b8ffcdc19_JaffaCakes118

Files

fd374a6812822b7ca02be10b8ffcdc19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6d9894b7d0afb7aeb820082c1f84bde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

FtpOpenFileA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetSetOptionA
InternetWriteFile

ws2_32

socket
recv
ntohs
inet_ntoa
htons
gethostname
gethostbyname
bind
WSAStartup
WSAIoctl
WSAGetLastError

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateThread
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetFilePointer
SetHandleCount
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
GetVolumeInformationA

user32

EnumThreadWindows
MessageBoxA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 138KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6d9894b7d0afb7aeb820082c1f84bde

Headers

File Characteristics

Imports

wininet

ws2_32

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 52KB

.data Size: 138KB - Virtual size: 144KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

.text
Size: 49KB - Virtual size: 52KB

.data
Size: 138KB - Virtual size: 144KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB