b2cbdb73a2ada9e53f773f257810082b_JaffaCakes118

General

Target

b2cbdb73a2ada9e53f773f257810082b_JaffaCakes118
Size

252KB
MD5

b2cbdb73a2ada9e53f773f257810082b
SHA1

e515b95d90711afe3993bcf6a2a2da68f9f193c6
SHA256

92a2a29c8537aee189d01f0eb8475795a455377b4bb0c329e139882997d8dac1
SHA512

4b3668c5962373c933b2d2717a28dbe02ac1bae232bfa2fcaa07567c10f14c00c6f038cb3f22846ae79a59e7dd099a28a38e88bd10c47a27cabbca3d105fa3b0
SSDEEP

1536:X9SKVxv8Cw4jgIqM2DimU+N1sVSOxDSErB5U8:X0KVZjDqMMi5g0dSErBy8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2cbdb73a2ada9e53f773f257810082b_JaffaCakes118

Files

b2cbdb73a2ada9e53f773f257810082b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90fbcc52d8b82bd016da99b08adaaca8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateProcessA
GetSystemDirectoryA
GetLastError
CreateMutexA
GetTempPathA
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocalTime
DeleteFileA
CloseHandle
WaitForSingleObject
CopyFileA
ExpandEnvironmentStringsA
WriteFile
CreateFileA
GetVersionExA
GlobalMemoryStatus
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetOEMCP
GetACP
GetCPInfo
ReadFile
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
CreateThread
TerminateThread
Sleep
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEndOfFile
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
ExitProcess

user32

FindWindowA
SendMessageA

mpr

WNetAddConnection2A
WNetCancelConnection2A

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA

ws2_32

accept
recv
send
WSASocketA
setsockopt
htonl
listen
WSAGetLastError
gethostbyname
WSAStartup
WSACleanup
inet_ntoa
socket
htons
ioctlsocket
connect
select
closesocket
bind
getsockname
gethostbyaddr
ntohl
WSAAsyncSelect
__WSAFDIsSet
sendto
inet_addr

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

Sections

pec1
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90fbcc52d8b82bd016da99b08adaaca8

Headers

File Characteristics

Imports

kernel32

user32

mpr

advapi32

shell32

ws2_32

wininet

Sections

pec1 Size: 248KB - Virtual size: 248KB

pec1
Size: 248KB - Virtual size: 248KB