83bb0e1b28faf75e1077bfd5856f68b1_JaffaCakes118

General

Target

83bb0e1b28faf75e1077bfd5856f68b1_JaffaCakes118
Size

59KB
MD5

83bb0e1b28faf75e1077bfd5856f68b1
SHA1

e0d7bf91101998e6ff26f001b56a9b53de7de2e2
SHA256

7ff325f819ec702ccca3be1e7c7f4e7ead15f7c26d62cc1ad11bb995c928b78e
SHA512

762de3e3326623c21da5ebf12a60799dada914c62e62648e86d630e6b8e23735e3788c97b835e63058d261536564eb70f2361434310e3f5bfef02547827f7d69
SSDEEP

1536:GVTbB7Hu/SUaz9J91w+z6EABDjjMkhkyOodT1P1q:GRbBy01IXBD3bOox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83bb0e1b28faf75e1077bfd5856f68b1_JaffaCakes118

Files

83bb0e1b28faf75e1077bfd5856f68b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

830259282c70d9600481e2588aca2e50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
TerminateThread
CloseHandle
WriteFile
CreateFileA
GetVersionExA
GlobalMemoryStatus
ExpandEnvironmentStringsA
GetModuleFileNameA
GetTickCount
ExitProcess
GetLastError
CreateMutexA
CopyFileA
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
LCMapStringW
LCMapStringA
CreateThread
Sleep
GetModuleHandleA
GetLocalTime
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc

user32

CharUpperBuffA

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

wsock32

inet_addr
recv
WSAAsyncSelect
bind
WSACleanup
accept
ntohs
send
htons
ioctlsocket
gethostbyname
gethostbyaddr
socket
connect
closesocket
getsockname
WSAStartup
listen
sendto

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetReadFile
InternetOpenUrlA

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

830259282c70d9600481e2588aca2e50

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wsock32

wininet

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 7KB - Virtual size: 41KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 7KB - Virtual size: 41KB