3e24f8dfaa8105ac0d1bf3254dfd34a8_JaffaCakes118

General

Target

3e24f8dfaa8105ac0d1bf3254dfd34a8_JaffaCakes118
Size

30KB
MD5

3e24f8dfaa8105ac0d1bf3254dfd34a8
SHA1

202ea41d57c4c03052e44d7331c4aa5e9fade67f
SHA256

b2bce840182fb987cff27e6e62847e2b947fa4b65ddbb38409d4793582395eb6
SHA512

ce7ad1de644b504221df102b5d79d077a35554958ecdd26a3ce76bb118f4b3b24346c40603b26194a7ff1ae6d6307e6e552fa59fe5278104c75ff9b6942beb15
SSDEEP

384:2LfUxG2I6AZJUvE/EyjMC57aXQfhTJmS6a7mlxSaGUjYI4GzVtXpqkLcpZC0wQwd:2L9rjzE/0JxJmuqvYIzXAkQiPQwt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e24f8dfaa8105ac0d1bf3254dfd34a8_JaffaCakes118

Files

3e24f8dfaa8105ac0d1bf3254dfd34a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aff42f6b17ada201a3412b8973933b7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
gethostname
ioctlsocket
inet_addr
WSAStartup
gethostbyname
inet_ntoa
closesocket
recv
WSACleanup
select
send
htons
socket

shell32

SHGetFolderPathA
ShellExecuteA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetACP
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetOEMCP
LoadLibraryA
SetStdHandle
LCMapStringA
LCMapStringW
GetFileType
GlobalAlloc
ExitProcess
Sleep
GetLastError
GetModuleHandleA
GetCurrentProcess
GetProcAddress
ReleaseMutex
ExpandEnvironmentStringsA
GetTempPathA
GetTickCount
ExitThread
SetFileAttributesA
CopyFileA
GetModuleFileNameA
CloseHandle
VirtualFreeEx
VirtualFree
WriteProcessMemory
VirtualAlloc
VirtualAllocEx
IsBadReadPtr
CreateRemoteThread
OpenProcess
GlobalFree
WinExec
lstrcatA
lstrlenA
FlushFileBuffers
CreateThread
CreateMutexA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
WriteFile
GetFileSize
CreateFileA
FindClose
FindNextFileA
GetFullPathNameA
SetCurrentDirectoryA
FindFirstFileA
GetDriveTypeA
GetSystemDirectoryA
GetVersionExA
GetLocaleInfoA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc

user32

wsprintfA
CharLowerA

urlmon

URLDownloadToFileA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aff42f6b17ada201a3412b8973933b7f

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

kernel32

user32

urlmon

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 11KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 11KB