74a50a5705e2af736095b6b186d38ddf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74a50a5705e2af736095b6b186d38ddf_JaffaCakes118
Size

73KB
MD5

74a50a5705e2af736095b6b186d38ddf
SHA1

fc121db04067cffbed04d7403c1d222d376fa7ba
SHA256

4efd425eb9841e2ed19e0933735be736f099dbd2c7ab791241217f4b8937ce9d
SHA512

ad19663fc593cf2a05393acdabb0485bac2e4cd5cf3fe5752ffee6f7e5bd8864f7119a01b70524c5bc8269f6806219b1cf1868010bb3390defadcb8286f2b8a1
SSDEEP

1536:c7jJshCn2+5B9G6w4H4MajTqusuPfY1FLZQtjFH/Z3G:c7jb5BHHtaS4YzStjv2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74a50a5705e2af736095b6b186d38ddf_JaffaCakes118

Files

74a50a5705e2af736095b6b186d38ddf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3ba40797bac6506437c1d05754c32960

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
htons
inet_addr
connect
closesocket
recv
send
gethostbyname
inet_ntoa
gethostname
WSAGetLastError
WSAStartup

kernel32

IsDebuggerPresent
LCMapStringW
GetProcessHeap
SetEndOfFile
GetStringTypeW
CreateFileW
HeapReAlloc
HeapAlloc
OutputDebugStringA
GetLocalTime
GetDriveTypeA
GetLogicalDrives
FindClose
GetLastError
FindNextFileA
FileTimeToSystemTime
FindFirstFileA
WinExec
DeleteFileA
CloseHandle
WriteFile
CreateFileA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
ReadFile
PeekNamedPipe
Sleep
CreateProcessA
CreatePipe
ExitProcess
GetModuleFileNameA
CreateThread
TerminateThread
GetExitCodeThread
GetTickCount
WaitForSingleObject
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
EncodePointer
DecodePointer
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
RtlUnwind
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteConsoleW
MultiByteToWideChar
GetCPInfo

user32

MessageBoxA

shell32

SHGetFileInfoA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ba40797bac6506437c1d05754c32960

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

shell32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.vmp0 Size: 12KB - Virtual size: 11KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.vmp0
Size: 12KB - Virtual size: 11KB

.reloc
Size: 3KB - Virtual size: 2KB