5eabff3e5f8ffb98848fb0607250a8fe_JaffaCakes118

General

Target

5eabff3e5f8ffb98848fb0607250a8fe_JaffaCakes118
Size

67KB
MD5

5eabff3e5f8ffb98848fb0607250a8fe
SHA1

625b6b46e83a3787ff115f9191b9f08cff888d9c
SHA256

79d2ca4e8c3d91106acd49d8dfa1f65ad5f49ce9916ea2013541f0e5a76c009e
SHA512

0df942dc9d1f1269d3231ee116aafe3f28915302668f0d13b4a0bc2f6cd24dcfe93a6ff9d44d0736667744edd05d0da263d4b6d8dd3ea1a97ad8e42398ebd146
SSDEEP

1536:KfPIUHV9wVEfUc1WZsB6LG+l768laljn5i7KQj:MLHDwa1WeBp+Q8wJno2M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eabff3e5f8ffb98848fb0607250a8fe_JaffaCakes118

Files

5eabff3e5f8ffb98848fb0607250a8fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3cfe23e4e4799fa9b7496b03cd3a8f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
rand
strchr
srand
strstr
sscanf
atol
_errno
sprintf
malloc
isspace
atoi
strncpy
time

ws2_32

htonl
sendto
socket
WSASocketA
connect
WSAGetLastError
select
__WSAFDIsSet
htons
inet_addr
gethostbyname
recv
send
inet_ntoa
WSAStartup
getsockopt
shutdown
closesocket
setsockopt
getpeername
accept
bind
ioctlsocket

ntdll

_strnicmp
NtQuerySystemInformation

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegQueryValueExA

user32

wsprintfA

kernel32

LoadLibraryExA
FreeLibrary
GetLastError
ExitProcess
CreateMutexA
lstrcmpA
CloseHandle
CreateThread
lstrcmpiA
GetTempFileNameA
LoadLibraryA
CreateDirectoryA
GetModuleHandleA
GetProcAddress
GetVolumeInformationA
VirtualAlloc
GetTickCount
lstrcpyA
lstrcatA
GetThreadContext
SetThreadContext
ResumeThread
WaitForSingleObject
GetCurrentProcess
VirtualFree
lstrlenA
ExitThread
GetCurrentThread
SetThreadPriority
GetVersionExA
Sleep
lstrcpynA
InitializeCriticalSection
SetPriorityClass
GetComputerNameA

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3cfe23e4e4799fa9b7496b03cd3a8f5

Headers

File Characteristics

Imports

msvcrt

ws2_32

ntdll

advapi32

user32

kernel32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 7KB - Virtual size: 145KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 7KB - Virtual size: 145KB

.rsrc
Size: 26KB - Virtual size: 26KB