a26a4f0c6d7f45e9eb1504c9bb3e226c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a26a4f0c6d7f45e9eb1504c9bb3e226c_JaffaCakes118
Size

70KB
MD5

a26a4f0c6d7f45e9eb1504c9bb3e226c
SHA1

9c4337306c637476456e199838a435cd333198be
SHA256

d600f3bb8fa08f38240bfceffab08ccec19a1198f6571dc67f992dfaeba4d7a3
SHA512

b0a403937ce44318b253e863c6da46b1e14ea92b55d5aa08478c969e29f13556898aaac09a41322776301e4802f6155c32de8e96bf4e80c14b1c0b21bc4a3b32
SSDEEP

768:2MSgIuPpihCl4a7z98+Z67Oha2gb3W7uoVOmeoxEmVJhMJQJDFD:TSgIuP18WYz2WWihZoxEmbt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26a4f0c6d7f45e9eb1504c9bb3e226c_JaffaCakes118

Files

a26a4f0c6d7f45e9eb1504c9bb3e226c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23c4208c50889285d265b21ef885ffd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

sendto
connect
WSAStartup
ioctlsocket
inet_addr
gethostbyname
closesocket
recv
WSACleanup
select
send
htons
socket

shell32

ShellExecuteA

advapi32

RegDeleteKeyA
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
GetUserNameA
RegOpenKeyA

kernel32

GetProcAddress
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetStringTypeW
SetFileAttributesA
DeleteFileA
Sleep
GetLastError
CopyFileA
GetFileAttributesA
lstrcmpiA
GetTempPathA
GetModuleFileNameA
GetModuleHandleA
ExpandEnvironmentStringsA
ExitThread
ExitProcess
GetTickCount
GetLocaleInfoA
GetVersionExA
CloseHandle
CreateProcessA
CreateMutexA
SetErrorMode
WriteFile
CreateFileA
SetEnvironmentVariableA
SetFilePointer
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess

user32

MessageBoxA
BlockInput
keybd_event
GetForegroundWindow
ShowWindow
wsprintfA

shlwapi

PathRemoveFileSpecA

urlmon

URLDownloadToFileA

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 29KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23c4208c50889285d265b21ef885ffd4

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

kernel32

user32

shlwapi

urlmon

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 29KB - Virtual size: 108KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 29KB - Virtual size: 108KB