96b2d799710251b061d6bffec5da1245_JaffaCakes118

General

Target

96b2d799710251b061d6bffec5da1245_JaffaCakes118
Size

92KB
MD5

96b2d799710251b061d6bffec5da1245
SHA1

a640fa73887d541bada019cfd40d4d988f6863f8
SHA256

fb60e627bf848857caaf32eeb61f45ae9b73f6018fda3d474043537fd2ac50b0
SHA512

5e02675dd49d9c299862dfc35da8024013b727fcd41cb593fa9c1e60aa4811f4d2566f2c8091f122c3e70eedb96f46d53848b18041f5cd305965f4c75a9f3a55
SSDEEP

1536:XDg5o/wxLu6haFbRe5s/24BO7Jbi8INjuwu3Rm2mpZYBHK66gAeSN5:XDzwkwCbk5N4BOIjuBBJS+RQN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96b2d799710251b061d6bffec5da1245_JaffaCakes118

Files

96b2d799710251b061d6bffec5da1245_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1da010d8bd21dc9cad45ffc63eb889e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
ReadFile
GetFileAttributesA
ExitProcess
CloseHandle
GetLastError
CreateMutexA
DeleteFileA
lstrcmpiA
GetTickCount
GetDriveTypeA
GetLogicalDriveStringsA
FindClose
FindNextFileA
FindFirstFileA
GlobalAlloc
lstrcpyA
RaiseException
GetLocalTime
lstrcpynA
GetFileSize
GetSystemDirectoryA
CreateDirectoryA
lstrcatA
lstrcmpA
GetComputerNameA
GetProcessTimes
CreateProcessA
WriteFile
GetVersionExA
GetTempFileNameA
GetTempPathA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TerminateThread
GetExitCodeThread
InitializeCriticalSection
SystemTimeToFileTime
CreateThread
GetSystemTime
RtlUnwind
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
VirtualFree
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapAlloc
HeapFree
GlobalFree
CreateFileA
Sleep
GetCurrentThread
SetThreadPriority
GetModuleFileNameA
ExitThread
FreeLibrary

advapi32

RegOpenKeyExA
GetUserNameA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA

user32

CharLowerA
wsprintfA

ole32

CoCreateGuid
StringFromCLSID

ws2_32

htons
connect
recv
getpeername
WSAStartup
setsockopt
accept
socket
closesocket
select
ioctlsocket
shutdown
bind
listen
gethostname
WSACleanup
gethostbyname
inet_ntoa
send

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1da010d8bd21dc9cad45ffc63eb889e1

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ole32

ws2_32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 15KB - Virtual size: 33KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 15KB - Virtual size: 33KB