844a29a5e974c325f84a512ebf9c49d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

844a29a5e974c325f84a512ebf9c49d9_JaffaCakes118
Size

97KB
MD5

844a29a5e974c325f84a512ebf9c49d9
SHA1

b470038608a0254ddbad09b531d833555c53132f
SHA256

7031b66497e179ec58c919a58328ff64125bc5d0d631f6607dff3d90d43a88da
SHA512

6dfc7f9d8e42eff89080df9c3f39b60082ae3cf8e057d588af6782253bca371c996c678028e943e1a16b119dd932c6ffcfcd64fb6e84d1332d0a867d61043187
SSDEEP

3072:TyZAHbJef/GPYlvCFa0QctPZoMzAxSmV79UozqCz2KP:TyZyg/GP4viQctPZoMkxSmV7OozXz2U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
844a29a5e974c325f84a512ebf9c49d9_JaffaCakes118

Files

844a29a5e974c325f84a512ebf9c49d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1fd1e066786b36d30e5c1c3f2905766

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ord128
ord580
ord151
ord537
ord883
ord880
ord591
ord587
ord478
ord319
ord616
ord464
ord431
ord373
ord364
ord361
ord266
ord241
ord183
ord184
ord109
ord913
ord861
ord778
ord769
ord712
ord679
ord666
ord433
ord348
ord351
ord80
ord50
ord852
ord851
ord587
ord375
ord940
ord922
ord896
ord887
ord881
ord844
ord838
ord836
ord835
ord815
ord776
ord773
ord772
ord707
ord682
ord679
ord643
ord632
ord609
ord600
ord586
ord581
ord580
ord537
ord512
ord506
ord505
ord501
ord494
ord481
ord479
ord469
ord462
ord444
ord442
ord409
ord375
ord366
ord361
ord348
ord343
ord340
ord339
ord332
ord327
ord319
ord316
ord270
ord243
ord241
ord224
ord218
ord209
ord205
ord195
ord194
ord151
ord130
ord128
ord99
ord98
ord80
ord76
ord72
ord64
ord50
ord507

user32

ord296
ord477
ord43
ord728
ord727
ord634
ord621
ord617
ord592
ord587
ord572
ord555
ord512
ord510
ord505
ord504
ord501
ord500
ord491
ord477
ord468
ord359
ord354
ord350
ord329
ord298
ord271
ord269
ord258
ord226
ord194
ord70
ord68
ord67

advapi32

ord496
ord486
ord460
ord509
ord496
ord467
ord464
ord460
ord428
ord335
ord293
ord30
ord578
ord431
ord429
ord177
ord102
ord68
ord64

oleaut32

SysFreeString
SysAllocStringLen

gdi32

ord544
ord529
ord528
ord501
ord479
ord427
ord423
ord412
ord407
ord365
ord364
ord363
ord284
ord144
ord141
ord70
ord64
ord51
ord46
ord45
ord40
ord19

wsock32

WSACleanup
WSAStartup
WSAGetLastError
gethostbyname
socket
shutdown
send
select
recv
inet_ntoa
ioctlsocket
htons
connect
closesocket

shell32

ord359
ord299
ord288
ord359

psapi

ord15

avicap32

ord4
ord2

wininet

ord276
ord269
ord268
ord224
ord206

ntdll

ord358

Sections

CODE
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1fd1e066786b36d30e5c1c3f2905766

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

wsock32

shell32

psapi

avicap32

wininet

ntdll

Sections

CODE Size: 80KB - Virtual size: 80KB

DATA Size: 4KB - Virtual size: 3KB

BSS Size: - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 5KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 80KB - Virtual size: 80KB

DATA
Size: 4KB - Virtual size: 3KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 5KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB