4d0cdf49ececffc09e43ea004510a174_JaffaCakes118

General

Target

4d0cdf49ececffc09e43ea004510a174_JaffaCakes118
Size

11KB
MD5

4d0cdf49ececffc09e43ea004510a174
SHA1

6a4b112db04cc078dc3eabe5147ab793e5f4e3a6
SHA256

edfd530848ab8e2ab313950f8ebf59eef37afcb00e25e08f2490e8ba4b0b091d
SHA512

3c9e8013f78d354663231bbf04a261a504ee8f8b955b5fec546420e4ba5244c677e78d74e03dc50b6f23ec53972a328de50a03136afe50a779bbcb56e50b3a9d
SSDEEP

192:lt20HbuoAHTzqkndHNUQX1iZ3cGJmZA3O+M56Akvl9J4ZTjgVf0:iyVeTzNntNtXkmGJmO3O+u6L9JI2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d0cdf49ececffc09e43ea004510a174_JaffaCakes118

Files

4d0cdf49ececffc09e43ea004510a174_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45d0c77ea647d51a856769d21450c264

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateThread
GetLastError
GetTickCount
WinExec
CreateMutexA
CloseHandle
OpenMutexA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

ws2_32

WSAStartup
gethostname
gethostbyname
inet_ntoa

mpr

WNetAddConnection2A

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA
RpcBindingFree
RpcRaiseException
NdrPointerBufferSize
NdrConformantStringBufferSize
NdrPointerMarshall
NdrConformantStringMarshall
NdrConvert
NdrConformantArrayUnmarshall
NdrClientInitializeNew
NdrNsGetBuffer
NdrNsSendReceive
NdrFreeBuffer

msvcr80

_controlfp_s
_invoke_watson
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
malloc
free
sprintf
printf
_initterm_e
rand
srand
strncmp
strrchr
_except_handler4_common
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
memset

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45d0c77ea647d51a856769d21450c264

Headers

File Characteristics

Imports

kernel32

ws2_32

mpr

rpcrt4

msvcr80

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 428B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 428B