ac9d470072ac93cb634dfd9dccabaa3c_JaffaCakes118

General

Target

ac9d470072ac93cb634dfd9dccabaa3c_JaffaCakes118
Size

116KB
MD5

ac9d470072ac93cb634dfd9dccabaa3c
SHA1

032d0a8e490626b04c358f60a7205205e6229729
SHA256

6f07df19c83b3c22dc50f17f19db0249d2a62ae1e2d5c40110725cca95074b31
SHA512

859b903837f9aa215966b49e6e9ad74cfd102e5f84b351044895ef0b13071370095e9414b3e8403906a4cc9306c2d8c8d4d462af687d0757aefea31219439e54
SSDEEP

1536:JZtuCAPatYT0O2hWp1zQ7wKGlKIEwY1EaxjmyLy1EV0raRoFakS4QvLHWjI2:HoCwf4OcWpbz8SaoFz6v1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac9d470072ac93cb634dfd9dccabaa3c_JaffaCakes118

Files

ac9d470072ac93cb634dfd9dccabaa3c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8fe2267806627010fdb495e4d5c7c773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
TerminateThread
Sleep
CompareStringW
CompareStringA
LoadLibraryA
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
HeapAlloc
HeapFree
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
RtlUnwind
GetLastError
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetEnvironmentVariableA

ws2_32

htonl
bind
listen
ioctlsocket
send
select
__WSAFDIsSet
recv
WSAGetLastError
accept
socket
inet_addr
htons
connect
gethostbyname
inet_ntoa
WSACleanup
shutdown
closesocket
getpeername
WSAStartup

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8fe2267806627010fdb495e4d5c7c773

Headers

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 4KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 4KB