70377599d123c90a2c49a23d04919b86_JaffaCakes118

General

Target

70377599d123c90a2c49a23d04919b86_JaffaCakes118
Size

77KB
MD5

70377599d123c90a2c49a23d04919b86
SHA1

f4f6cde57ba7dfcf35bd11f8f39768fe7c7807a6
SHA256

08089e0176052b57f62bbb8fa4cb9a0f4bba4aca9c7af7efa45ee8dd5d083838
SHA512

dc0c74792050572bed85f02b5171bb4ba13ad392738cdbb0a7d50e053a9bbe6760345e50504e6211d23044b0575a41318840e4ccc663696b0f9f04d7c2eec902
SSDEEP

1536:mUBdyOvsmqGvjOnyw2h4v0zmpKpeAv48qwo:mUBdyoswSFO4vkm+eZIo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70377599d123c90a2c49a23d04919b86_JaffaCakes118

Files

70377599d123c90a2c49a23d04919b86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c22c0feda78c02130bf21b21076ce0f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
CreateProcessA
GetEnvironmentVariableA
GetShortPathNameA
RemoveDirectoryA
GetTimeFormatA
InterlockedExchange
GetVolumeInformationW
SetLastError
ExitProcess
GetCurrentProcessId
GetFileTime
GetDiskFreeSpaceW
FindCloseChangeNotification
FindNextChangeNotification
HeapWalk
HeapCompact
HeapAlloc
HeapCreate
HeapFree
CopyFileW
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualProtect
VirtualAlloc
RemoveDirectoryW
MoveFileW
FindNextFileW
FindFirstFileW
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
MoveFileA
GetModuleHandleA
GetStartupInfoA

ws2_32

WSAStartup
getsockopt
htonl
getservbyname
htons
ntohs
recv
recvfrom
send

msvcr71

_XcptFilter
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
atoi
memmove
fread
time
strncmp
fclose
fwrite
fseek
fopen
_c_exit
_exit
_adjust_fdiv
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_controlfp

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c22c0feda78c02130bf21b21076ce0f2

Headers

File Characteristics

Imports

kernel32

ws2_32

msvcr71

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 31KB - Virtual size: 113KB

.rsrc Size: 1024B - Virtual size: 664B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 31KB - Virtual size: 113KB

.rsrc
Size: 1024B - Virtual size: 664B