6130b9ede2374763413c4a6ddfe7f347_JaffaCakes118

General

Target

6130b9ede2374763413c4a6ddfe7f347_JaffaCakes118
Size

268KB
MD5

6130b9ede2374763413c4a6ddfe7f347
SHA1

ff95ff04bb04c67e136419e9f9cdf98dba453087
SHA256

587ea127f9900f06974fa15056e421f7533214e770f7675314204f064f21e0e0
SHA512

94e752baa74d11dd92c1677fd6563b5ad34c8f460c1f9ef6179c24c6894a8ab12e1ea7fdc571135529e797d5100bd4574f8cf71754a65afd0a6d1354afb8697c
SSDEEP

6144:jAg8nWYc3WxW83yUv3nImNHSIAW88n3kalnx2GkTGepNN:jH8WY6WxtCU/ImdSI1k/GslpNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6130b9ede2374763413c4a6ddfe7f347_JaffaCakes118

Files

6130b9ede2374763413c4a6ddfe7f347_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a962457a05b329de34dc4c5c609b6e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
strncmp
tolower
malloc
_ftol
rand
srand
memset
__CxxFrameHandler
memmove
_itoa
_strupr
_except_handler3

kernel32

SizeofResource
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetStartupInfoA
IsBadWritePtr
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CreateDirectoryA
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetCurrentThreadId
GetCommandLineA
SetUnhandledExceptionFilter
CreateThread
GetExitCodeThread
GetTickCount
ExitThread
IsBadReadPtr
SleepEx
SetEnvironmentVariableA
GetProcAddress
GetModuleHandleA
GetLastError
Sleep
ExitProcess
LoadLibraryA
FreeResource
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
LockResource
LoadResource
FindResourceA
GetCurrentDirectoryA
GetTempPathA
SetFilePointer
WaitForSingleObject
GetCurrentProcess
CreateEventA
ExpandEnvironmentStringsA
GetSystemDirectoryA

shell32

ShellExecuteA

ws2_32

closesocket
getprotobynumber

Sections

text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a962457a05b329de34dc4c5c609b6e1

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

ws2_32

Sections

text Size: 20KB - Virtual size: 19KB

.data Size: 164KB - Virtual size: 166KB

.rsrc Size: 80KB - Virtual size: 78KB

text
Size: 20KB - Virtual size: 19KB

.data
Size: 164KB - Virtual size: 166KB

.rsrc
Size: 80KB - Virtual size: 78KB