6600b3c7befc498936e36863875b24c9_JaffaCakes118

General

Target

6600b3c7befc498936e36863875b24c9_JaffaCakes118
Size

41KB
MD5

6600b3c7befc498936e36863875b24c9
SHA1

73a06bb30414142a2ffde4563b1f92e0eb35160a
SHA256

938e6aaf1dbddc91df1244cb7ff76f9386c72add1c74fc602ba32fe86fefd6e0
SHA512

e6991f8ae95a717b04cf67f3435e52fa6608505231608d9724e38700c7f11c864d8f7fd5574507a14f40c86603c879f741fbbda7ae31114c4ae18ea50c3cd5ad
SSDEEP

768:e5w5UMWczwZQHfcU5XZo2cGntfK/cGue66RHh0:ew5FQQ/XruqtKklJ6RB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6600b3c7befc498936e36863875b24c9_JaffaCakes118

Files

6600b3c7befc498936e36863875b24c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30e4093ca50a7fbe4e9e2213f7e2501e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
bind
listen
accept
shutdown
recv
WSAStartup
socket
gethostbyname
htons
connect
send
closesocket
WSACleanup

kernel32

SetConsoleTextAttribute
GetStartupInfoA
GetModuleHandleA
SetErrorMode
GetConsoleWindow
CreateFileMappingA
GetLastError
GetTickCount
GetLogicalDriveStringsA
GetDriveTypeA
SetFileAttributesA
GlobalAlloc
CreateThread
Sleep
CreateProcessA
lstrlenA
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
GetStdHandle
AllocConsole
FreeConsole
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA

user32

ShowWindow

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fclose
exit
_XcptFilter
sprintf
_strdup
fgets
fopen
_except_handler3
malloc
fwrite
fputs
setvbuf
_iob
_fdopen
_open_osfhandle
strlen
strcat
rand
strcpy
strstr
strrchr
strcmp
ftell
fseek
memset
strtok
free
srand
__argv
__argc
_exit

Sections

.bss
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xxx
Size: 160B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30e4093ca50a7fbe4e9e2213f7e2501e

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

msvcrt

Sections

.bss Size: - Virtual size: 47KB

.data Size: 13KB - Virtual size: 13KB

xxx Size: 160B - Virtual size: 4KB

.bss
Size: - Virtual size: 47KB

.data
Size: 13KB - Virtual size: 13KB

xxx
Size: 160B - Virtual size: 4KB