Static task: static1
Behavioral task: behavioral1 (Sample: b036d09a2e7bdd7de58d02f29f709aa2_JaffaCakes118.exe, Resource: win7-20240705-en)
Behavioral task: behavioral2 (Sample: b036d09a2e7bdd7de58d02f29f709aa2_JaffaCakes118.exe, Resource: win10v2004-20240802-en)
General
Target: b036d09a2e7bdd7de58d02f29f709aa2_JaffaCakes118
Size: 63KB
MD5: b036d09a2e7bdd7de58d02f29f709aa2
SHA1: c187dc6651cd2e30cc93133cc6ed3a2b8aa1c149
SHA256: b9d9d90e5e176de699bce7b191a81a47d19b80c1608e60b3fa364d5b5e03a033
SHA512: d81e3e1d324d880ba364651308b5f9654bb433969be46bb86efd566af6d5eef4d17782756c03f0d66bd08054b8f68dd2e67d25aaf9da52a4a5b3caf7d5170dc2
SSDEEP: 1536:bSU6926eeKMlARhntq/Ketpak1PTEw8ZqbXrxj0toq6knNM:p6ehNRhnc/KefaV6t0toqrnO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b036d09a2e7bdd7de58d02f29f709aa2_JaffaCakes118
Files
b036d09a2e7bdd7de58d02f29f709aa2_JaffaCakes118.exe windows:4 windows x86 arch:x86
3c268c3535880d69c895168ca0239164
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
GetTickCount
TerminateProcess
ReadFile
WriteFile
CreateProcessA
CloseHandle
CreatePipe
GetProcAddress
LoadLibraryA
GetDriveTypeA
GetLogicalDrives
SetFilePointer
GetFileSize
GetLastError
CreateFileA
CopyFileA
GetEnvironmentVariableA
ExitProcess
GetModuleFileNameA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
ws2_32
gethostname
send
select
__WSAFDIsSet
inet_addr
gethostbyname
recv
setsockopt
socket
htons
bind
closesocket
connect
WSASetLastError
WSAStartup
WSACleanup
Sections
.text Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ