2910effc2fab859dbf98a64563d3599b_JaffaCakes118

General

Target

2910effc2fab859dbf98a64563d3599b_JaffaCakes118
Size

33KB
MD5

2910effc2fab859dbf98a64563d3599b
SHA1

44661f19291e1f5b191a5efc1b3af1ad9f324709
SHA256

5df9f4bb64593a5123d5b75fe9506406f7e356307973d3842969d7fb2b715e06
SHA512

4771b08bac216058b451e5204d9e2fc8dc18cd132ed0b07ad9ecb57f354947a298179ac492f22ab5ebea6e738173bf372bd3bc112901960958b417dacf660784
SSDEEP

768:HOM+ZlwE5wUdH6oRgjua7hnBXMe8aqdGNujn:u/Zlx5wmH67ju2dKt90NY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2910effc2fab859dbf98a64563d3599b_JaffaCakes118

Files

2910effc2fab859dbf98a64563d3599b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06447627370bf64b9c9bc9d3f4553f24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2846
ord2764
ord6648
ord2915
ord4129
ord5710
ord537
ord922
ord926
ord924
ord540
ord535
ord858
ord6663
ord860
ord4278
ord800
ord6877
ord2818
ord939

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strncmp
strstr
strchr
strtok
exit
_mbscmp
printf
__CxxFrameHandler
atoi
rand
time
srand

kernel32

Sleep
ExitThread
GetSystemDirectoryA
TerminateThread
CreateProcessA
GetCurrentProcessId
GetTempPathA
CreateThread
GlobalMemoryStatus
GetVersionExA
HeapAlloc
GetProcessHeap
GetTickCount
GetStartupInfoA
GetModuleHandleA
CreateMutexA
GetLastError
CloseHandle

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ws2_32

gethostbyname
closesocket
connect
htons
inet_addr
socket
sendto
setsockopt
WSASocketA
WSAStartup
gethostname
send
htonl
inet_ntoa
WSAGetLastError
recv
__WSAFDIsSet
select

urlmon

URLDownloadToFileA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06447627370bf64b9c9bc9d3f4553f24

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

ws2_32

urlmon

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 242KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 242KB

.rsrc
Size: 14KB - Virtual size: 13KB