Static task
static1
Behavioral task
behavioral1
Sample
a150ff71c0df7b9b7bbf44dade506026_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a150ff71c0df7b9b7bbf44dade506026_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a150ff71c0df7b9b7bbf44dade506026_JaffaCakes118
-
Size
12KB
-
MD5
a150ff71c0df7b9b7bbf44dade506026
-
SHA1
ede3e01a914f3abd6e894f07f7a4e40d60574605
-
SHA256
476e5c57dbd70f438355a2609b1d54a424e77990fac6ad36653bc1f1c8f54104
-
SHA512
2914180a6f78c29921ef840fa4cf0187fb03dd6827cbb5a5263da915d5a1c2dd52ecb2108b418dc4315d4f5d4d473e8f78cc3d1de26b5b91b32645813ec77f65
-
SSDEEP
384:YGqzqMoe9hzRqTmR/Q+fDg9dF9N1bCG8:YGqzqMoKzUTQfDg9xmH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
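Flags PE files that have no Authenticode signature. The sample is unsigned, so its publisher and integrity cannot be verified from the file itself; many legitimate binaries are also unsigned, so treat this as a weak indicator on its own.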
resource a150ff71c0df7b9b7bbf44dade506026_JaffaCakes118
Files
-
a150ff71c0df7b9b7bbf44dade506026_JaffaCakes118.exe windows:4 windows x86 arch:x86
3559b39f4c50e23d3c809d37a2c6e503
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
socket
send
select
recv
connect
WSAStartup
htons
closesocket
gethostbyname
inet_addr
WSACleanup
urlmon
URLDownloadToFileA
kernel32
GetDriveTypeA
GetLogicalDriveStringsA
GetStartupInfoA
lstrcatA
CreateDirectoryA
CreateFileA
WriteFile
Sleep
CreateProcessA
ExpandEnvironmentStringsA
CreateThread
ExitProcess
GetLastError
CreateMutexA
SetErrorMode
CopyFileA
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTempPathA
GetTickCount
ExitThread
GetVersionExA
GetLocaleInfoA
TerminateThread
WaitForSingleObject
lstrlenA
shell32
ShellExecuteA
advapi32
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
user32
wsprintfA
msvcrt
atoi
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
fopen
fprintf
sprintf
rand
_snprintf
strncpy
memmove
strncmp
strchr
fclose
strtok
strstr
srand
malloc
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 846B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ