01107bea6f1a605595418f42c3dfe316_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01107bea6f1a605595418f42c3dfe316_JaffaCakes118
Size

660KB
MD5

01107bea6f1a605595418f42c3dfe316
SHA1

01a2b5950c1975e9cb3d1abd519496b46d44031e
SHA256

bb48019d748775883bc49d46fd7d1c9d160beec6dbbbec92f00b102dd05d517c
SHA512

f5a2a0f5feb8011047ab83ff115a3790ce6e04b6600b84cbd4f5ac28160649a779574d8a54840f9271caa3ce204ad2061147789d97b21923861f0d9802d8ee81
SSDEEP

12288:cLsFqr1TL7RbNMUaHP5x9a55nndc1c2obY77P6TZkCGJf1Sd1I27:PFqrt9xMUav5InIocXyTOt+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01107bea6f1a605595418f42c3dfe316_JaffaCakes118

Files

01107bea6f1a605595418f42c3dfe316_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ff2a023dca5f197ada5cf65e9de2f13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ord459
ord428
ord430
ord450
ord64
ord484
ord494
ord472

comctl32

ord86

gdi32

ord527
ord46
ord406
ord19
ord141

kernel32

ord432
ord254
ord395
ord247
ord775
ord231
ord802
ord883
ord539
ord709
ord351
ord597
ord435
ord336
ord240
ord372
ord466
ord363
ord475
ord676
ord50
ord348
ord80
ord613
ord130
ord361
ord93
ord404
ord398
ord205
ord209
ord913
ord647
ord486
ord629
ord317
ord645
ord112
ord374
ord840
ord476
ord534
ord498
ord509
ord502
ord491
ord577
ord151
ord565
ord895
ord564
ord856
ord316
ord839
ord183
ord846
ord847
ord845
ord319
ord703
ord844
ord908
ord525
ord875
ord128
ord878
ord517
ord519
ord266
ord429
ord446
ord606
ord109
ord704
ord184
ord515
ord521
ord431
ord239
ord334
ord364
ord881
ord441
ord578
ord658
ord766
ord527
ord408

psapi

ord15

shell32

ord359
ord365
ord317

user32

ord683
ord315
ord86
ord452
ord436
ord346
ord162
ord679
ord201
ord446
ord268
ord14
ord600
ord677
ord644
ord152
ord514
ord154
ord159
ord512
ord420
ord276
ord57
ord197
ord444
ord567
ord572
ord435
ord457
ord647
ord635
ord429
ord274
ord599
ord223
ord641
ord432
ord596
ord199
ord331
ord477
ord659

wininet

ord220

ws2_32

WSAStartup
inet_addr
htonl
inet_ntoa
closesocket
socket
sendto
select
__WSAFDIsSet
recvfrom
htons
htons
htonl
WSACleanup

iphlpapi

ord104
ord46
ord41
ord28
ord105

ole32

ord18
ord60

wpcap

ord46
ord60
ord27
ord51
ord29
ord10

Sections

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aspr
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ff2a023dca5f197ada5cf65e9de2f13

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

psapi

shell32

user32

wininet

ws2_32

iphlpapi

ole32

wpcap

Sections

Size: 80KB - Virtual size: 80KB

Size: 16KB - Virtual size: 16KB

Size: 20KB - Virtual size: 20KB

.rsrc Size: 200KB - Virtual size: 200KB

Size: 4KB - Virtual size: 4KB

.data Size: 304KB - Virtual size: 304KB

.adata Size: 4KB - Virtual size: 4KB

aspr Size: 24KB - Virtual size: 24KB

.mackt Size: 4KB - Virtual size: 4KB

.rsrc
Size: 200KB - Virtual size: 200KB

.data
Size: 304KB - Virtual size: 304KB

.adata
Size: 4KB - Virtual size: 4KB

aspr
Size: 24KB - Virtual size: 24KB

.mackt
Size: 4KB - Virtual size: 4KB