72f408ff852d8806ab50f624ef8f5749_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72f408ff852d8806ab50f624ef8f5749_JaffaCakes118
Size

48KB
MD5

72f408ff852d8806ab50f624ef8f5749
SHA1

bb3b088ecfbcdc11fc62b7cb67312062217f1eef
SHA256

dcdc88ef6cf4d7b6065855011ba31a65e70c14d31b672db7dd0695d3441f1cfe
SHA512

b38e3b9a8a6f976949f46ab119514da4fe85f3e321862b5bd1d46da3e0b64fc3b1db9d570265d87342c0db62296aadaef43688a90ab49da304f1c2014c9b340e
SSDEEP

768:JY8EvnZgiFnqrJT4c661GxgAhMlUbkNDKlJ:iYiFnqrJT4c664ChNDoJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f408ff852d8806ab50f624ef8f5749_JaffaCakes118

Files

72f408ff852d8806ab50f624ef8f5749_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37fae9dd190f5cfd9a30936dcadc6d5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

ws2_32

socket
connect
send
closesocket
WSAStartup
htons

shlwapi

StrStrIA

kernel32

HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetSystemInfo
Sleep
WaitForSingleObject
CreateThread
ExitProcess
CopyFileA
GetWindowsDirectoryA
GetModuleFileNameA
VirtualProtect
LCMapStringW
LCMapStringA
SetThreadPriority
FreeEnvironmentStringsW
VirtualQuery
InterlockedExchange
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
RtlUnwind
LoadLibraryA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc

user32

GetCursorPos
MessageBoxA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37fae9dd190f5cfd9a30936dcadc6d5b

Headers

File Characteristics

Imports

winmm

ws2_32

shlwapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 4KB