0a1b16ac5bd424c9cf78a2cfedb6b545_JaffaCakes118

General

Target

0a1b16ac5bd424c9cf78a2cfedb6b545_JaffaCakes118
Size

36KB
MD5

0a1b16ac5bd424c9cf78a2cfedb6b545
SHA1

3fedc8b6c8383d1b9b7a542df2e4014ad6f3a982
SHA256

45b07c75239e9acef24050324454a3cf8901cf65af9ac076b36c25c74fb055db
SHA512

bc3d6b9f2115abb0ed8ae0b08b08a4a66da2bc65d4307c781f6e374d2936d5d5861f7c4e0fc86796d4b73ac5352d64967aa26b22e60b413e09493c73bffef85d
SSDEEP

768:4pu8K922avrJX+uuRdTyl54H5g615oB4fp5PMHg/:4po9Zavr9mdT557jTB5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a1b16ac5bd424c9cf78a2cfedb6b545_JaffaCakes118

Files

0a1b16ac5bd424c9cf78a2cfedb6b545_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40b791f4b8f773f32317a48c5d1a57f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
CreateEventA
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
Process32Next
CloseHandle
CreateProcessA
WaitForSingleObject
GetModuleFileNameA
lstrcmpiA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
HeapValidate
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
GetLastError
TlsGetValue
SetLastError
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleOutputCP
WriteFile
VirtualAlloc
VirtualQuery
MultiByteToWideChar
SetStdHandle
WideCharToMultiByte
SetFilePointer
DeleteFileA

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
DeleteService

ws2_32

WSAStartup
WSACleanup
getaddrinfo
freeaddrinfo
inet_ntoa
htons
inet_addr
socket
connect
closesocket

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40b791f4b8f773f32317a48c5d1a57f9

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 6KB - Virtual size: 10KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 6KB - Virtual size: 10KB