965eb90d47ff45c0247cd3da9d128c10_JaffaCakes118

General

Target

965eb90d47ff45c0247cd3da9d128c10_JaffaCakes118
Size

48KB
MD5

965eb90d47ff45c0247cd3da9d128c10
SHA1

45996eec51a73efabbe161cb379c5a37426e4c74
SHA256

d2c82f918aa4e17d96d869317626f7ee55dde04487a71cf36bb02e3f07cf6f6a
SHA512

9fb2d86ae1bd5db731b0c44d7ca5d67792876b06b7803dfd37123f9b2c3516c70253bbff6bc0301cd3d4249d10b85fe82114d4417b20ebaaf59b7b3987b20e10
SSDEEP

384:ZkyYQYh0XyZYfZhhSsw3mlYHTu+KJuRCb2P7QqZXOvbPulizjXv9lHfcmDpSp8/J:Cy/lC+JwWuHCV4bZ+vbPskDFl3D6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
965eb90d47ff45c0247cd3da9d128c10_JaffaCakes118

Files

965eb90d47ff45c0247cd3da9d128c10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5005068619329687552a927f0f0c59e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\Documents and Settings\llc\Desktop\Visual Studio Projects\projectDDoS\Copy of HTTP\sitebot\Release\anti-leak.pdb

Imports

kernel32

Sleep
GetTickCount
GetSystemInfo
VirtualProtect
GetLocaleInfoA
FlushFileBuffers
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
HeapAlloc
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
SetStdHandle
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle

wininet

DeleteUrlCacheEntry

urlmon

URLDownloadToFileA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5005068619329687552a927f0f0c59e7

Headers

File Characteristics

PDB Paths

Imports

kernel32

wininet

urlmon

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 7KB