5ec03fe2568b2a3d7b9e0fabf08d02ad_JaffaCakes118

General

Target

5ec03fe2568b2a3d7b9e0fabf08d02ad_JaffaCakes118
Size

10KB
MD5

5ec03fe2568b2a3d7b9e0fabf08d02ad
SHA1

a9a4d9cd4e94705ed6a56012c85ffbddffaf26a6
SHA256

c85ea7c0ae385554b658129cf956d45c0cc3260ccdd247f172cae7abd714dc96
SHA512

3f6ffd054f381a2a7c2225796e4bd3207b3c630db0baf152d76487ff52da69f157c1577acd155fb3cc2dc62321f448cc4b34ccfcb8b144cc1701bc3d466ff9a6
SSDEEP

192:ItactnmGvz8HtjUpg2p7GIz4WnnXCwBlLGGnP1oynz2MfW:IQcUGvz8HtE6IUWVlLGGP1BO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ec03fe2568b2a3d7b9e0fabf08d02ad_JaffaCakes118

Files

5ec03fe2568b2a3d7b9e0fabf08d02ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5db9cb44117c888dad4dedfe1bd365b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
CopyFileA
GetLongPathNameA
GetSystemDirectoryA
GetModuleFileNameA
GetLastError
CreateMutexA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
Sleep
WinExec
ReadFile
CloseHandle
CreateProcessA
GetStartupInfoA
CreatePipe
GetCurrentDirectoryA
lstrlenA
GetModuleHandleA
WaitForSingleObject
TerminateThread
CreateThread
GetSystemTime
GetShortPathNameA

ws2_32

recv
__WSAFDIsSet
select
send
WSACleanup
inet_addr
htons
WSAStartup
WSASocketA
closesocket
shutdown
connect
ioctlsocket

advapi32

RegSetValueExA
RegDeleteValueA
RegOpenKeyA
RegCloseKey

wininet

InternetCloseHandle
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile

shell32

ShellExecuteExA

msvcrt

fseek
_strnicmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_itoa
strcpy
strncat
strlen
atol
atoi
strstr
strrchr
free
sscanf
strncpy
fclose
fread
_chdir
fopen
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
fflush
fwrite
strcat

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5db9cb44117c888dad4dedfe1bd365b0

Headers

File Characteristics

Imports

kernel32

ws2_32

advapi32

wininet

shell32

msvcrt

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 27KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 27KB