47120e0a2c636b59048b82ea7055d555_JaffaCakes118

General

Target

47120e0a2c636b59048b82ea7055d555_JaffaCakes118
Size

37KB
MD5

47120e0a2c636b59048b82ea7055d555
SHA1

69e8ce9f76ad5c8723086956f17d135ee87ee591
SHA256

b504be10deeee62e8b955fb7817bf44409aac23cb00fa069b57f0be31ed4dd6a
SHA512

0d976c4db3a7e5f363885f85809858dc0271a9eb2b356edc6b3f3c3c3c141721a93dd0452e517edcb84598f92c01f86d1eb1454cd8166c2e1c67408f209f891e
SSDEEP

768:iyTMn3V/6aWGS6vHcKrlbBt96h5jK4vHU8c0IUBU9vEjbQ0tCMULN359HZ:iyTMuGS6v8Krnt9wjjvHU8c0IUBU8bja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47120e0a2c636b59048b82ea7055d555_JaffaCakes118

Files

47120e0a2c636b59048b82ea7055d555_JaffaCakes118
.dll windows:4 windows x86 arch:x86

74a7a86488a39ae3b178f1b38c7c33c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl
getsockname
recvfrom
getpeername
bind
listen
WSAAccept
shutdown
WSAStartup
send
gethostbyname
setsockopt
htons
htonl
sendto
WSASocketA
ioctlsocket
connect
WSAGetLastError
select
__WSAFDIsSet
closesocket
inet_addr
inet_ntoa
recv

user32

wsprintfA

advapi32

RegOpenKeyA
RegEnumValueA
RegNotifyChangeKeyValue
RegCloseKey
RegQueryValueExA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

msvcrt

??2@YAPAXI@Z
_adjust_fdiv
floor
_strnicmp
_strdup
tolower
rand
time
fclose
??3@YAXPAX@Z
fwrite
_initterm
fopen
system
_ftol
strstr
sscanf
atol
fgets
srand
sprintf
realloc
isspace
atoi
strchr
free
malloc

kernel32

GetProcAddress
CreateEventA
WaitForSingleObject
CloseHandle
CreateThread
lstrcpyA
lstrcmpiA
LoadLibraryA
GetModuleHandleA
SetThreadPriority
lstrlenA
ExitThread
GetVersionExA
Sleep
GetFileAttributesA
GetSystemDirectoryA
lstrcatA
LeaveCriticalSection
GetTickCount
CreateMutexA
EnterCriticalSection
InitializeCriticalSection
CreateProcessA
GetCurrentThread

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.packet
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74a7a86488a39ae3b178f1b38c7c33c7

Headers

File Characteristics

Imports

ws2_32

user32

advapi32

wininet

msvcrt

kernel32

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 151KB

.packet Size: 2KB - Virtual size: 17KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 151KB

.packet
Size: 2KB - Virtual size: 17KB