220b0e738febce0757e6bc3dd01d9a38_JaffaCakes118

General

Target

220b0e738febce0757e6bc3dd01d9a38_JaffaCakes118
Size

71KB
MD5

220b0e738febce0757e6bc3dd01d9a38
SHA1

bb96bffacc0da1c1574fb346173cce5d1d32610c
SHA256

bdcc2d910c1e8126722a254db672c5775b896bd69b03cf33450586e2301dc8ba
SHA512

32d9cb3dd10c5eeec878febd101c6af5a31d1099c26ae045ee16570bdf8083da173ae85b5c62be8d52bf36d0725883a3049b4d643bbcbfd70c74908f15d660e3
SSDEEP

1536:Zchf7LTotibMix8ZckKmmcIoOWd7yeyAb:Shf/jbJxFmmPd61yU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
220b0e738febce0757e6bc3dd01d9a38_JaffaCakes118

Files

220b0e738febce0757e6bc3dd01d9a38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5485ab87dac5da825efab81f6c595868

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jnfjgfghnvndfu\fidgduigyfud\main.pdb

Imports

ws2_32

ioctlsocket
listen
ntohl
inet_ntoa
inet_addr
select
recv
WSASocketA
socket
WSAConnect
WSACreateEvent
WSAGetOverlappedResult
send

msvcr71

malloc
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
atoi
fclose
fwrite
fputs
fseek
fopen
memset
free
_controlfp
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln

kernel32

GetWindowsDirectoryW
CreateFileW
MoveFileExA
GetDateFormatA
FreeResource
FindResourceA
LockResource
GetSystemDirectoryW
CreateEventA
GlobalMemoryStatus
LeaveCriticalSection
FileTimeToSystemTime
GetVolumeInformationA
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileA
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
DeleteFileW
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualProtect
VirtualAlloc
GetCommandLineA
GetModuleHandleA
GetCurrentThreadId
GetProfileStringW
GetStartupInfoA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5485ab87dac5da825efab81f6c595868

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

msvcr71

kernel32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 32KB - Virtual size: 288KB

.rsrc Size: 1024B - Virtual size: 940B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 32KB - Virtual size: 288KB

.rsrc
Size: 1024B - Virtual size: 940B