338c5a808352979af77352f19f279e6a_JaffaCakes118

General

Target

338c5a808352979af77352f19f279e6a_JaffaCakes118
Size

123KB
MD5

338c5a808352979af77352f19f279e6a
SHA1

1fc6533396ce47fc489fbb3fb87a987eee016bd7
SHA256

0238be0c1cb1feff930958e437502821059d120000d11ec4bb8eb62b789e153b
SHA512

fb23788d6921965931767b21a6319eed9eecc574b00d62117d7d1c5ee9e59f0e316fb1d155c0860c9321e23639b8318a9349bfe94beb2bc21b84f2426a5484e6
SSDEEP

1536:VIcJNM9KUmgs3AlGYolAnhh6IewG/taUms414z:VIc3Hgs3qGYolAmbms414z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338c5a808352979af77352f19f279e6a_JaffaCakes118

Files

338c5a808352979af77352f19f279e6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9745657013c273019cfa2f7aa638036b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
lstrcmpA
FindClose
FindNextFileA
UnmapViewOfFile
Sleep
FindFirstFileA
lstrcpyA
FreeLibrary
VirtualAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
CreateThread
lstrcatA
GetFileSize
GetCurrentProcess
CreateProcessA
WriteFile
LockResource
LoadResource
FindResourceA
CopyFileA
GetSystemDirectoryA
ExpandEnvironmentStringsA
GlobalMemoryStatus
GetSystemTime
HeapAlloc
GetModuleHandleA
GetVersion
GetEnvironmentVariableA
CloseHandle
CreateFileA
GetProcessHeap
CreateFileMappingA
MapViewOfFileEx
GetModuleFileNameA
SetPriorityClass
GetCurrentProcessId
ExitProcess
TerminateProcess

user32

wsprintfA

advapi32

RegSetValueExA
RegFlushKey
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
GetUserNameA

ws2_32

htonl
connect
htons
gethostbyname
socket
inet_ntoa
accept
recv
bind
send
WSAGetLastError
__WSAFDIsSet
select
ioctlsocket
inet_addr
WSAStartup
closesocket
listen

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9745657013c273019cfa2f7aa638036b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 12KB - Virtual size: 12KB

.rsrc Size: 110KB - Virtual size: 131KB

.text
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 110KB - Virtual size: 131KB