75e6dcd316e8a987cb7d99bfb13e2984_JaffaCakes118

General

Target

75e6dcd316e8a987cb7d99bfb13e2984_JaffaCakes118
Size

60KB
MD5

75e6dcd316e8a987cb7d99bfb13e2984
SHA1

72161120571e236c43a977e7c8e43abbc5471e3c
SHA256

9a7d133e81717f8ffebcd0266f2adbfff3a4d8426549ca6eff13ff1aa9b030a2
SHA512

42d40134faea2c631f881af23eb20d4123c51c74d2e4840409e57b65478d92fdc10d8db582378952fe1da580d5d261522ce790ebb91b42599ef0c6eaa5565729
SSDEEP

1536:7EDhofL447F5ni83DKh298g6CnahLXBk8FdMO:7chofLH5iS19v6C0LRk8XMO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75e6dcd316e8a987cb7d99bfb13e2984_JaffaCakes118

Files

75e6dcd316e8a987cb7d99bfb13e2984_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5982395cdc193e4c8317068c0b0e6990

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
DeactivateActCtx
GetModuleHandleW
GetLastError
GetUserDefaultLCID
GetFileSize
SetUnhandledExceptionFilter
ClearCommBreak
CloseHandle
OpenEventW
GetTempPathW
GetSystemTimeAsFileTime
AddAtomW
VirtualAlloc
GetCurrentProcessId
CancelIo
FindAtomW
OpenConsoleW
WideCharToMultiByte
BeginUpdateResourceW
GlobalAlloc
GetCurrentThreadId
GetCurrentProcess
ExitProcess
DeleteCriticalSection
GetConsoleNlsMode
DeleteTimerQueue
EnumDateFormatsExW
CopyFileA
CreateMutexW

ws2_32

WSAGetServiceClassInfoW
socket
accept
WSAStartup
closesocket
WSACleanup
bind
listen

msvcrt

_chdir
_atoi64
_assert
_access

Sections

.data
Size: - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5982395cdc193e4c8317068c0b0e6990

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

msvcrt

Sections

.data Size: - Virtual size: 522KB

.text Size: 53KB - Virtual size: 52KB

.bss Size: 512B - Virtual size: 256B

.rdata Size: 1KB - Virtual size: 1KB

.edata Size: 1024B - Virtual size: 576B

.rsrc Size: 3KB - Virtual size: 3KB

.data
Size: - Virtual size: 522KB

.text
Size: 53KB - Virtual size: 52KB

.bss
Size: 512B - Virtual size: 256B

.rdata
Size: 1KB - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 576B

.rsrc
Size: 3KB - Virtual size: 3KB