07d94b95b3ae1e4dd1e7621b340c5e74_JaffaCakes118

General

Target

07d94b95b3ae1e4dd1e7621b340c5e74_JaffaCakes118
Size

40KB
MD5

07d94b95b3ae1e4dd1e7621b340c5e74
SHA1

9f82aa50c5e1780ebd6420583ba2df82c1fd97b8
SHA256

98fafe1fb96337fbc0589797e15312355aeeb650f380e0ffe9a3e3c80c1b649c
SHA512

1360b8cb7419206b66a4936a9330dc4607e91ef69c82a53dee2e8adfad0ee028fa90656a3ca3c8f13f4af9ce9be0fda8d9c554c81a1c963b7b9c7b786a59b9a0
SSDEEP

768:bdcpCMzl/oliodvqIecCzFR9a5+FtxmF1slL97GMSJ1doY:bdcbo/ZqfVaUZmF1WLBG7noY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d94b95b3ae1e4dd1e7621b340c5e74_JaffaCakes118

Files

07d94b95b3ae1e4dd1e7621b340c5e74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9abd43c25433f74860f491f54ab79831

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
sendto
closesocket
recv
send
accept
listen
socket
inet_ntoa
connect
WSAGetLastError
htons
bind
select
__WSAFDIsSet
ioctlsocket
gethostbyname

kernel32

CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
CompareStringW
WriteFile
GetFileType
GetStdHandle
SetHandleCount
Sleep
WinExec
GetModuleFileNameA
CreateThread
GetProcAddress
LoadLibraryA
GetCurrentProcessId
SetEnvironmentVariableA
GetLastError
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CloseHandle
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

advapi32

RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9abd43c25433f74860f491f54ab79831

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 16KB