8754c3eb42852f673094758591679341_JaffaCakes118

General

Target

8754c3eb42852f673094758591679341_JaffaCakes118
Size

70KB
MD5

8754c3eb42852f673094758591679341
SHA1

396e9ebbb75e36871b2967d9b89197fd93469db3
SHA256

9a7e8a5d4fcaf17a5c77265f4091a1b5d5c0e03d4fa236d71b27a3e3203bcc58
SHA512

2c7ec71e00ee715fe148aba566efecb8ca27dfa57a7b965607b3213dd636787aa5b5104a2e51d839e3bedce715683cf87bc97e0f4b168d04d3fa0711e7add702
SSDEEP

768:UQmyoR80cWUJwsbDXdYaby99wAByjRnzwrPjyuo+:EDqeUJwJ99wABmRnqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8754c3eb42852f673094758591679341_JaffaCakes118

Files

8754c3eb42852f673094758591679341_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1989ffb23abc52cf87dddb90082af8b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA

ws2_32

socket
WSAGetLastError
connect
getsockname
select
shutdown
htons
WSAStartup
WSACleanup
gethostbyname
inet_addr
inet_ntoa
recv
send
closesocket

kernel32

GetCommandLineA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateFileA
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetTempPathA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
DeleteFileA
Sleep
CloseHandle
WaitForMultipleObjects
GetLastError
ExitThread
ReadFile
WriteFile
lstrlenA
LoadLibraryA
HeapFree
HeapAlloc
GetStartupInfoA
GetVersion
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1989ffb23abc52cf87dddb90082af8b8

Headers

File Characteristics

Imports

shell32

ws2_32

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 18KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 18KB