8e8cd6cdb36b9e954a6bc80727779665_JaffaCakes118

General

Target

8e8cd6cdb36b9e954a6bc80727779665_JaffaCakes118
Size

13KB
MD5

8e8cd6cdb36b9e954a6bc80727779665
SHA1

b7fbf338d5b4f007daf802ff7c679cc9720ad843
SHA256

9f88d059037b8dc4ebaaa6696741e72a606321ebf0b11c93bf798c819de15cba
SHA512

e0e159b0354ce08b43082545e1b322ea9b36b3d3eee4333412a80810fd3d735fb8d6fb0a3a0d7e6108f13e2a45e0b822a27307ced9da38877d3d17f3846f9eaf
SSDEEP

192:rsiA2zhAoKy8fV+dBjYNEwY7inj3pJWDE8vQWnd2:rTfJwV+d+Ymnj3bWDE8vQW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e8cd6cdb36b9e954a6bc80727779665_JaffaCakes118

Files

8e8cd6cdb36b9e954a6bc80727779665_JaffaCakes118
.dll windows:4 windows x86 arch:x86

17ad3fcd9e38eca24ca14b938978a511

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord540
ord2846
ord2818
ord537
ord1168
ord2764
ord6648
ord4129
ord2915
ord800

msvcrt

_adjust_fdiv
malloc
_initterm
free
strncpy
strncmp
atoi
strstr
strchr
strtok
printf
time
srand
rand
__CxxFrameHandler

kernel32

GetCurrentProcessId
GetTickCount
CreateProcessA
GetSystemDirectoryA
CreateThread
GlobalMemoryStatus
ExitThread
GetProcessHeap
HeapAlloc
CreateMutexA
GetLastError
WaitForSingleObject
GetVersionExA
Sleep

user32

wsprintfA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

urlmon

URLDownloadToFileA

ws2_32

sendto
gethostbyname
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
gethostname
htonl
closesocket
connect
socket
inet_ntoa
send
WSAGetLastError
recv
__WSAFDIsSet
select

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17ad3fcd9e38eca24ca14b938978a511

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

urlmon

ws2_32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 241KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 241KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB