74df4a0fedf06ff179a238d43c838498_JaffaCakes118

General

Target

74df4a0fedf06ff179a238d43c838498_JaffaCakes118
Size

60KB
MD5

74df4a0fedf06ff179a238d43c838498
SHA1

4866621c9386ad5e05481188b0c6d14b24fdb004
SHA256

25a6bd9db988cddfe76ddd451f4e6495d1904897461c6beda9c869d972a275fa
SHA512

ad2160ba60376d7001678ec1dbe5ae86ffead58d09b3344b42ffd9ddd1a9b317a8727246c5b8fbfba8f4b3b9bbd9b398a8501512646027b447bf139f82a547aa
SSDEEP

768:srpaYRC38EPOckCzyseuIoGLXd/P8wsABgg6qrWADP:srpaYI3dOtCJeuuXd/UwsABgpGTDP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74df4a0fedf06ff179a238d43c838498_JaffaCakes118

Files

74df4a0fedf06ff179a238d43c838498_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e248009710cf4a3a336cf5197acd93db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
__WSAFDIsSet
connect
bind
listen
accept
recv
select
send
closesocket
sendto
WSAGetLastError
inet_ntoa
socket
ioctlsocket
gethostbyname
htons

kernel32

LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetStdHandle
LoadLibraryA
GetCPInfo
LCMapStringW
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
Sleep
WinExec
GetModuleFileNameA
CreateThread
GetCurrentProcessId
FlushFileBuffers
GetOEMCP
HeapDestroy
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
CloseHandle
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InterlockedExchange
VirtualQuery
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSize
SetFilePointer

advapi32

RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e248009710cf4a3a336cf5197acd93db

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 18KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 18KB