3ae750a7c2e6ead0f5a5b67f0d53a7aa_JaffaCakes118

General

Target

3ae750a7c2e6ead0f5a5b67f0d53a7aa_JaffaCakes118
Size

180KB
MD5

3ae750a7c2e6ead0f5a5b67f0d53a7aa
SHA1

bd0114434217b188e23c06c58cd36a9edf44f79f
SHA256

bd85bd9a82d9df8b65f812d82b3f236f62ec8c55775426b9dea1b04d90b93228
SHA512

a35a8620170e8597746b591397409d7d54be89ddbe4d0c3c5e1754f6c6877ccd21970bfc8025e8d41fcd9e3a4f2c1eacaf9e57b3e3759c79ed5837b7e6c1b8f8
SSDEEP

3072:gcUgPKjCyT0gqPnml+ElQYOogWV8LhroZgULw3f1pvS:gcUfKgqPnmlxQYuWVXZy3jS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ae750a7c2e6ead0f5a5b67f0d53a7aa_JaffaCakes118

Files

3ae750a7c2e6ead0f5a5b67f0d53a7aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0226f67291e61279971017f2d30e0ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
LoadLibraryA
GlobalAlloc
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
HeapAlloc
CloseHandle
GetProcAddress
GetOEMCP
ExitProcess
CompareStringW
CompareStringA
GetACP
MultiByteToWideChar
CreateFileA
GetCPInfo
SetStdHandle
GetEnvironmentStringsW
FlushFileBuffers
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
SetFilePointer
ReadFile
UnhandledExceptionFilter
RtlUnwind
GetStringTypeA
GetTimeZoneInformation
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
LCMapStringW
LCMapStringA
SetEndOfFile
SetEnvironmentVariableA
HeapFree
GetFileType
HeapDestroy
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetLastError
GetStringTypeW
HeapReAlloc
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
SetHandleCount
GetStdHandle

user32

MessageBoxA
PostQuitMessage
SetWindowPos
ReleaseDC
GetDC
EndPaint
GetClientRect
GetDesktopWindow
RegisterClassA
LoadCursorA
GetMessageA
CreateWindowExA
SetTimer
DefWindowProcA
TranslateMessage
DispatchMessageA
BeginPaint

gdi32

GetDeviceCaps
DeleteDC
CreateDIBSection
SelectObject
CreateCompatibleDC
BitBlt

wsock32

connect
WSAAsyncSelect
accept
closesocket
WSAStartup
WSAGetLastError
recv
send
htons
ioctlsocket
socket
bind
getsockname
listen
ntohs

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0226f67291e61279971017f2d30e0ed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 84KB - Virtual size: 92KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 84KB - Virtual size: 92KB