a85fc3097872a37eb24f88365152355b_JaffaCakes118

General

Target

a85fc3097872a37eb24f88365152355b_JaffaCakes118
Size

63KB
MD5

a85fc3097872a37eb24f88365152355b
SHA1

b8dc8c9499a076732d6025428202b59e2b751652
SHA256

db8f27698c6d5d8b57f78e50356cf80d6fec2b1b7000f9f41d71c07d7aa57a2e
SHA512

4e06ccfeaf2612fa8db1b0e28b553db477f142ff4c62f925473dd0bc3f608042ff9028595c8dd8bf25acda8171960e667de449549efcbf2d4d5cdbe0efb6d849
SSDEEP

768:uA4FUa1LtPDygLa1l/wcC16O22UXtrlzW6yFctabgrgvlj0JTj/YtGSJsP:yT1LtPD/Lazor1bmrlzAcc9jWDYtGS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a85fc3097872a37eb24f88365152355b_JaffaCakes118

Files

a85fc3097872a37eb24f88365152355b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2319958bc7f16fbdabde0c8a6aeacb1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
SetFileAttributesA
FindFirstFileA
lstrcpyA
CloseHandle
DeviceIoControl
CreateFileA
CreateProcessA
GetTickCount
GetFileAttributesA
lstrlenA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetSystemDirectoryA
GetVersionExA
Sleep
GetOEMCP
GetACP
GetCPInfo
ReadFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetLastError
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
SetEndOfFile

user32

wsprintfA
MessageBoxA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

wininet

InternetGetConnectedState

ws2_32

socket
gethostbyname
closesocket
WSAStartup
htons
gethostbyaddr
inet_addr
send
recv
connect

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2319958bc7f16fbdabde0c8a6aeacb1c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

ws2_32

Sections

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 58KB - Virtual size: 63KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 58KB - Virtual size: 63KB