2d35ad892f3f8b9a576a05b318acbccd_JaffaCakes118

General

Target

2d35ad892f3f8b9a576a05b318acbccd_JaffaCakes118
Size

36KB
MD5

2d35ad892f3f8b9a576a05b318acbccd
SHA1

74cc4385174483c3dfbc588bf18f89b23540de17
SHA256

7b807aca3644e945ebd9183ce7f14d248bb60d74f6fe9e461243e4738d8faad2
SHA512

03e705295c77bf2ef1cc8f9485bec793a04dbce414d97b7769762da308eacb73ea8ac73ed68e3dce211d32ca136115f27f6121018564ce9b5d383d3d2dabd6df
SSDEEP

768:KdMq+4YR0kAkDETF6OuZufnHb0HoAGGy:MM/4YR0kAkDcSZuPaoAGGy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d35ad892f3f8b9a576a05b318acbccd_JaffaCakes118

Files

2d35ad892f3f8b9a576a05b318acbccd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c47c67c9f3d73d118e9b8c76200500aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetProcAddress
LoadLibraryA
ExitProcess
DeleteFileA
GetShortPathNameA
SetEndOfFile
GetOEMCP
GetTickCount
lstrcatA
CreateDirectoryA
FindFirstFileA
lstrcpyA
Sleep
lstrlenA
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
ReadFile

user32

wsprintfA

advapi32

RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoInitialize

ws2_32

connect
closesocket
htons
select
__WSAFDIsSet
recv
send
gethostbyname
socket
WSAStartup

wininet

InternetConnectA
InternetOpenA
FtpGetFileA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c47c67c9f3d73d118e9b8c76200500aa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

ws2_32

wininet

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB