82fb70091f99ca6ed474631c133c7e64_JaffaCakes118

General

Target

82fb70091f99ca6ed474631c133c7e64_JaffaCakes118
Size

97KB
MD5

82fb70091f99ca6ed474631c133c7e64
SHA1

cfd2156f3147d2703b5fec47a337d5c4cd672912
SHA256

371566e7ff3e0992e45c61b1ae826f31737abd07579ee83985a68d35c155f9c4
SHA512

6075b6c3fea1ddba325d791d7ae41a5aef18075130c32421a9d05041e7104b44ed9d3c441b5776716fc8435a61239c26e993c231f6bca6d17a1d75e18c58255e
SSDEEP

3072:FHxWT/pWRnWKtMxovgrzvIVhEfWtjV3x5V/:/W4RnWKtMxovgr8VhEuBVB5V/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82fb70091f99ca6ed474631c133c7e64_JaffaCakes118

Files

82fb70091f99ca6ed474631c133c7e64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7e5fa45710a090cbfd1cf0b867a496b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcAddress
GetModuleHandleA
GetLastError
ExitProcess
LoadLibraryA
GetModuleFileNameA
GetTempPathA
MoveFileA
WriteFile
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
GetCurrentProcess
OpenEventA
CreateEventA
GetShortPathNameA
ExpandEnvironmentStringsA
GetSystemDirectoryA
SleepEx
SetUnhandledExceptionFilter
CreateProcessA
GetStartupInfoA
SetFilePointer
CopyFileA
GetCommandLineA
CreateDirectoryA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetCurrentThread
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary

msvcrt

srand
__CxxFrameHandler
strncmp
strrchr
strstr
memcpy
strncpy
_ftol
tolower
malloc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_strupr
_strlwr
memmove
_except_handler3
_itoa

ws2_32

listen

Sections

.t
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7e5fa45710a090cbfd1cf0b867a496b

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

Sections

.t Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 164KB - Virtual size: 165KB

.rsrc Size: 4KB - Virtual size: 1KB

.t
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 164KB - Virtual size: 165KB

.rsrc
Size: 4KB - Virtual size: 1KB