a8d9de98fa55fde93d6ec9f79d85461f_JaffaCakes118

General

Target

a8d9de98fa55fde93d6ec9f79d85461f_JaffaCakes118
Size

45KB
MD5

a8d9de98fa55fde93d6ec9f79d85461f
SHA1

4cff911500bb89d5442afc3d4f22013e41d4e796
SHA256

e95f87a054d9a3226d838ea17a6f24b08245d3851ce8db24d002e182c06e09a0
SHA512

b0ce36cb0309b7893495b63b6c64d84814102e545649e85635fb920ffc5236ec8e68f08856943223712410fc093e99293b97be318f45f137ed6ea492f48a777c
SSDEEP

768:2slmXiR/f9tDbBsN6k/UPHPlF+jHyK6DaeGKoDj:cSRZdk8vPlFJK6OYoDj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8d9de98fa55fde93d6ec9f79d85461f_JaffaCakes118

Files

a8d9de98fa55fde93d6ec9f79d85461f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6409883b7cb83f7f96381b34891efe32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ioctlsocket
inet_addr
gethostbyname
WSACleanup
closesocket
recv
select
send
htons
socket
connect
WSAStartup

advapi32

RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA

kernel32

GetOEMCP
GetACP
GetCPInfo
GetProcAddress
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LoadLibraryA
SetEndOfFile
ReadFile
LCMapStringA
CreateFileA
Sleep
GetTickCount
ExitThread
ExitProcess
GetLastError
CreateMutexA
SetErrorMode
GetComputerNameA
GetLocaleInfoA
CloseHandle
WaitForSingleObject
CreateThread
CreateProcessA
GetTempPathA
CopyFileA
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
lstrlenA
ExpandEnvironmentStringsA
LCMapStringW
MultiByteToWideChar
SetFilePointer
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind

shlwapi

PathRemoveFileSpecA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6409883b7cb83f7f96381b34891efe32

Headers

File Characteristics

Imports

ws2_32

advapi32

kernel32

shlwapi

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 19KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 19KB