Static task: static1

Behavioral task: behavioral1
Sample: afdc750b12324b147e9c181a814ed9a2_JaffaCakes118.exe
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: afdc750b12324b147e9c181a814ed9a2_JaffaCakes118.exe
Resource: win10v2004-20240802-en

General
Target: afdc750b12324b147e9c181a814ed9a2_JaffaCakes118
Size: 56KB
MD5: afdc750b12324b147e9c181a814ed9a2
SHA1: 6ef5c22eaf706359d039aa09b8e3f1a307a0472d
SHA256: a7ae4bccfe931938dfbec66b59897c1b50e4404a508dc72f9251f7bfc6bfbb5e
SHA512: aa4324417917696a691659c3c6e1d4abf55d27976c746db35aeaf21a2c085a67241d0fb19905ce3ddaa037ecfd170a8c9fe5b2cf04456cb018ae2bd11bc0d7e5
SSDEEP: 768:YD75IE+YeALQ5WPL3NPfJSTymy64/m8/ybhofHJR:Yawes5fJSGtm8movJR

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource afdc750b12324b147e9c181a814ed9a2_JaffaCakes118
Files
afdc750b12324b147e9c181a814ed9a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
0a8fbce67873eaba1f32386ceadad628
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
CreateProcessA
CreateFileA
GetNumberOfConsoleInputEvents
PeekConsoleInputA
DuplicateHandle
LCMapStringW
LCMapStringA
CloseHandle
LoadLibraryA
GetProcAddress
ReadFile
GetStringTypeW
GetStringTypeA
SetFilePointer
SetStdHandle
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
ExitProcess
TerminateProcess
GetCurrentProcess
Sleep
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte
GetLastError
FlushFileBuffers
WriteFile
RtlUnwind
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
ws2_32
__WSAFDIsSet
select
recv
send
listen
getsockname
recvfrom
accept
WSASetLastError
socket
setsockopt
bind
connect
htons
ntohs
inet_addr
gethostbyname
inet_ntoa
gethostbyaddr
shutdown
closesocket
WSAGetLastError
WSAStartup
WSACleanup
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE