195f2f6142014817b043c31f68255f5c_JaffaCakes118

General

Target

195f2f6142014817b043c31f68255f5c_JaffaCakes118
Size

12KB
MD5

195f2f6142014817b043c31f68255f5c
SHA1

5d77901192b07513d350d0aeff2e63abee2a0824
SHA256

19b6bbff7f9dc716c714709ee88ba1ba48c827a69a5b7a6a4bbc039e5ad4cb55
SHA512

89c93985fcf03a2bcb7fea48220816b6c2521da0015b5ee7728d4b6236a59969cba6fe2d9f7a61993a5a9d6fefed703bf987c2ff71dd9955d867251225d5e297
SSDEEP

192:0dUWKFBFgGIz05Pd/ipC4Eg2pro8A+rAVADEYO2P1oynccXT2GDg9Rd4vSLG:UUdHFLI+liCn08A6E/g1qLRdrLG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
195f2f6142014817b043c31f68255f5c_JaffaCakes118

Files

195f2f6142014817b043c31f68255f5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c62d9d167732f7eadb0df38c1e86a45d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
Sleep
WaitForSingleObject
GetSystemTime
CreateThread
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ReadFile
CloseHandle
CreateProcessA
GetStartupInfoA
CreatePipe
GetCurrentDirectoryA
GetLongPathNameA
GetModuleHandleA

ws2_32

inet_addr
htons
WSASocketA
closesocket
connect
ioctlsocket
WSACleanup
send
select
__WSAFDIsSet
recv
shutdown
WSAStartup

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetConnectA

shell32

ShellExecuteExA

msvcrt

_strnicmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
atol
_chdir
fwrite
fflush
??3@YAXPAX@Z
_itoa
memset
atoi
strlen
sscanf
fclose
strcat
ftell
fseek
fopen
strcpy
strstr
??2@YAPAXI@Z
fread
strncat

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c62d9d167732f7eadb0df38c1e86a45d

Headers

File Characteristics

Imports

kernel32

ws2_32

wininet

shell32

msvcrt

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 26KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 26KB