499d3e290fe97667c60bc029d46df4cc_JaffaCakes118

General

Target

499d3e290fe97667c60bc029d46df4cc_JaffaCakes118
Size

176KB
MD5

499d3e290fe97667c60bc029d46df4cc
SHA1

84ba250f0a274bac566c29335cad33c51867cb86
SHA256

cda8f3d4ee40a8988e4be48811e1525de2314a389478c49de80288f84fa98581
SHA512

eaa4c9b29d0ee7eed44ff2df244de6579dc76d61b4163342ae49ea6c46da52c2f4a6875500639061e8e9abeadafcc138d7d80566dce92003191ec7d271e528ce
SSDEEP

3072:bk9QVKg8Os7sAApABIEIm3RR5g3OOpG23fgYAnKZlowPwsba2KTs4Yc5d:A9QVKg8TEOaE93k3fgYiKYnNYc5d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
499d3e290fe97667c60bc029d46df4cc_JaffaCakes118

Files

499d3e290fe97667c60bc029d46df4cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

949958bcb5e7f5bdb1727b1bbd0eee73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
TerminateProcess
OpenProcess
CloseHandle
GetLastError
CreateMutexA
WriteFile
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryA
Sleep
CompareStringW
CompareStringA
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

DispatchMessageA
TranslateMessage
GetMessageA
GetWindowThreadProcessId
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
SetTimer

ws2_32

connect
htons
socket
gethostbyname
gethostname
closesocket
recv
send
WSACleanup
WSAStartup

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

949958bcb5e7f5bdb1727b1bbd0eee73

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 52KB - Virtual size: 51KB