224054c17fed97cdc7ac99efe4c83a1e_JaffaCakes118

General

Target

224054c17fed97cdc7ac99efe4c83a1e_JaffaCakes118
Size

18KB
MD5

224054c17fed97cdc7ac99efe4c83a1e
SHA1

77fd30f7e1bb022017ec731b598ae90a68e30087
SHA256

2b7174796e77cd724437be91fd67788e0cbb660694db477392bf5fca70561918
SHA512

f609dd1ca110b33fd43b638ce507c5702089f6bdfdce3f57e8b0b5e71dffc1b14da765859561b24ed739c1e26ea878db856942acb75de8b4ee6bfaaa45ee9645
SSDEEP

192:ECXPbiKwOPWXhNE7gF2vu8UqvV7vBzGETp2Q9O1zqzSWyqkWDE8vQWnhYco:ECPuYYHZF4nF2Q4qzSW3kWDE8vQWmc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
224054c17fed97cdc7ac99efe4c83a1e_JaffaCakes118

Files

224054c17fed97cdc7ac99efe4c83a1e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

681b96c3140a7572b84a708ff86e5a81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord540
ord1168
ord2846
ord2818
ord537
ord2764
ord6648
ord4129
ord800
ord2915

msvcrt

_adjust_fdiv
malloc
_initterm
free
__CxxFrameHandler
strncmp
atoi
strstr
rand
srand
strchr
strtok
exit
time
printf

kernel32

TerminateThread
ExitThread
GetSystemDirectoryA
CreateThread
Sleep
GetCurrentProcessId
GetTickCount
HeapAlloc
GetProcessHeap
GetTempPathA
CreateProcessA
CreateMutexA
GetLastError
ExitProcess
GetVersionExA
GlobalMemoryStatus
CloseHandle

user32

wsprintfA

advapi32

DeleteService
OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
OpenServiceA

urlmon

URLDownloadToFileA

ws2_32

select
sendto
gethostbyname
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
gethostname
htonl
send
closesocket
connect
socket
inet_ntoa
recv
__WSAFDIsSet

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

681b96c3140a7572b84a708ff86e5a81

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

urlmon

ws2_32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 242KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 242KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB