84a769cb3ff03d98a0f508381757650e_JaffaCakes118

General

Target

84a769cb3ff03d98a0f508381757650e_JaffaCakes118
Size

20KB
MD5

84a769cb3ff03d98a0f508381757650e
SHA1

e0008129f67352ab34d7dce2f29572d48c0a83c0
SHA256

c301b8b8fc7de6a49042383e9b0c3e5d4d7c8beeb9c4e00e3617ec0a548be819
SHA512

bbc9bfd5c747a5a49f60aacd3d0f1fbf3e5ab795ff5ba2b0ba215420809778fe536d4c3a703a2c35a585c4acb783b7298475d09cb519f38a852fc034f633d87e
SSDEEP

384:VlT8CYz2nCLzPLe6zFD8RtbuwWbANey9K:VlTMz2CXzxD8nWbANn9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84a769cb3ff03d98a0f508381757650e_JaffaCakes118

Files

84a769cb3ff03d98a0f508381757650e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76c6f4b72f86fed59615b1abd5b7cd17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
ExitProcess
GetCommandLineA
GetModuleHandleA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
ReadFile
ResumeThread
SuspendThread
WriteFile
CreateThread
CloseHandle
CreateFileA

user32

DestroyWindow
CheckDlgButton
DispatchMessageA
EnableWindow
EndDialog
DefWindowProcA
DialogBoxParamA
CreateDialogParamA
GetDlgItemTextA
GetMessageA
IsDialogMessageA
IsDlgButtonChecked
KillTimer
GetDlgItemInt
LoadIconA
MessageBeep
MessageBoxA
PostQuitMessage
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetTimer
ShowWindow
TranslateMessage
UpdateWindow
GetDlgItem
LoadCursorA

comctl32

ord17

ws2_32

inet_addr
WSACleanup
WSAGetLastError
WSAStartup
closesocket
htons
WSAAsyncSelect
inet_ntoa
ntohl
sendto
setsockopt
socket

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.topo0
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76c6f4b72f86fed59615b1abd5b7cd17

Headers

File Characteristics

Imports

kernel32

user32

comctl32

ws2_32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 5KB

.topo0 Size: 1024B - Virtual size: 1000B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 5KB

.topo0
Size: 1024B - Virtual size: 1000B