9ff62b3626b56a46b31996309592e94d_JaffaCakes118

General

Target

9ff62b3626b56a46b31996309592e94d_JaffaCakes118
Size

32KB
MD5

9ff62b3626b56a46b31996309592e94d
SHA1

759ed8b1c58f712a8f91e7834c066d26617842f5
SHA256

591f35129364fbdb331011f503ff8122ae77d8d9e94a55d800de6036ebf8c035
SHA512

e49d5b7611062dac145981f06e4deda5b3baaeea3b50b1f4eb7514b2aee92b585aec474dff8e247c1f39047db5426956587267d063ea7790025a9b07788c1c8c
SSDEEP

384:AN2jSUqmNZDfWmTwnWP6MYNg7zNbSeCJdL76H1BB9uOyajwRtLCLvA1+U:Tq8hECYy1eJR6VBnu/ajYIvA1B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ff62b3626b56a46b31996309592e94d_JaffaCakes118

Files

9ff62b3626b56a46b31996309592e94d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5ed2f730e7dae14a9e7d8af2d222296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
gethostname
connect
htons
gethostbyname
gethostbyaddr
ioctlsocket
WSAGetLastError
socket
send
recv
closesocket
WSAStartup

kernel32

GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA
CreateMutexA
GetLastError
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
CopyFileA
GetSystemDirectoryA
GetCurrentProcessId

advapi32

RegDeleteValueA
RegSetValueExA
GetUserNameA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

strcat
sscanf
strchr
isdigit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
memmove
??2@YAPAXI@Z
strftime
localtime
time
strlen
sprintf
memcpy
_initterm
__setusermatherr
_ftime
strncmp
strtok
_exit
_XcptFilter
exit
__p__acmdln
__getmainargs

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5ed2f730e7dae14a9e7d8af2d222296

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 12B

.data Size: 2KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 888B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 12B

.data
Size: 2KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 888B