2de80698ede8016263800d3e0eb3adbb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2de80698ede8016263800d3e0eb3adbb_JaffaCakes118
Size

60KB
MD5

2de80698ede8016263800d3e0eb3adbb
SHA1

47ca16534386291532e82ae04b7aaba79f9c60b1
SHA256

fdcc89f89bdbdf4b922f3fa25af24bdf50c39e9a3cf089f56e5264b7ed366fd2
SHA512

99ce1f50179b3b8f6ed1e1fa15a4a4f4f957f77d71880fff64e5d2330d37ef0a8cfb1aeeea95486aefecb622a9716e501eb803c18768503e5dc86127724a49c8
SSDEEP

768:r+wzWENQB66VhHl5TSdGb5/anljYSPxQKX0Qwtgn/xbz:fzWGA3S0b5/wSEQJZtM/xbz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2de80698ede8016263800d3e0eb3adbb_JaffaCakes118

Files

2de80698ede8016263800d3e0eb3adbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3104583a121eab7f8ccf92486756eca7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
OutputDebugStringA
WinExec
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
LoadLibraryA
WaitForSingleObject
ExitProcess
GetLastError
CreateMutexA
lstrlenA
CopyFileA
FreeLibrary
GetSystemInfo
LCMapStringA
SetStdHandle
GetProcAddress
CreateThread
CloseHandle
CreateProcessA
TerminateProcess
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetCurrentProcessId
ExitThread
Sleep
GetModuleFileNameA
GetTickCount
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
HeapReAlloc
VirtualAlloc
SetFilePointer
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentStringsW
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings

user32

wsprintfA

advapi32

CreateServiceA
OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA

ws2_32

__WSAFDIsSet
WSAIoctl
recv
socket
connect
send
WSAStartup
select
WSAGetLastError
setsockopt
htons
htonl
sendto
WSACleanup
inet_addr
gethostbyname
WSASocketA
closesocket

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3104583a121eab7f8ccf92486756eca7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 920B

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 920B