a94362fed558fc1581d3a1b6631b8835_JaffaCakes118

General

Target

a94362fed558fc1581d3a1b6631b8835_JaffaCakes118
Size

56KB
MD5

a94362fed558fc1581d3a1b6631b8835
SHA1

9b74378a5a2903e2a1f51e17eb353becf5d2f5da
SHA256

9ebc056a2f21122ee3f6c2c73e1fa6e41baf741e43702806cbc8bbd17b2a22b1
SHA512

b21752a325027bbbffbc67872d343f261149777450cc89509c0e551bccddfd2a85591e470a5565134063e0e13079825994cb228c0a99b81a0a2b3b938eca8c8f
SSDEEP

768:w1z1zzutZROpL/a4SaW0S+Y32Cwx+k8Tg90rty0Rjqf2P7Y7Hq7w4oAG:w1Z7S4SR+l+z090rMYwIoD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a94362fed558fc1581d3a1b6631b8835_JaffaCakes118

Files

a94362fed558fc1581d3a1b6631b8835_JaffaCakes118
.exe windows:4 windows x86 arch:x86

714903d01d084474d16da931e7ab19c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
WriteFile
CopyFileA
CloseHandle
SetFilePointer
GetFileSize
CreateFileA
OutputDebugStringA
lstrlenA
Sleep
IsBadWritePtr
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
lstrcatA
GetSystemDirectoryA
lstrcmpiA
SetEnvironmentVariableA
FlushFileBuffers
LoadLibraryA
GetProcAddress
VirtualAlloc
IsBadCodePtr
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
WideCharToMultiByte
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
SetStdHandle

shell32

ShellExecuteA

ws2_32

connect
WSASetLastError
send
htons
closesocket
WSACleanup
WSAStartup
gethostbyname
inet_addr
WSAGetLastError
socket
recv

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

714903d01d084474d16da931e7ab19c3

Headers

File Characteristics

Imports

kernel32

shell32

ws2_32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 8KB