b5a8495711a9fed396a6f82d44b9a1c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5a8495711a9fed396a6f82d44b9a1c9_JaffaCakes118
Size

1.1MB
MD5

b5a8495711a9fed396a6f82d44b9a1c9
SHA1

d451b370a43a243dd5189381678db82fda4aae98
SHA256

79f9f37b6bce597ef8fe7d645250dea434a43fcf8d46018629e13453319d87de
SHA512

7c62030fc42cfee0fa6ca14176a61cdbd4183c947a6df782e0784d979bf1f3008feba295c7c9d1adbc3243d3b2d42e25d7e9f26c6d18ae81738f97588312181a
SSDEEP

24576:DCPQFwcVYfHzvyCYnzu9bNCtTFWTtl6UA7Ov3vMC:DCP22HzyCYzgbMWTCSPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5a8495711a9fed396a6f82d44b9a1c9_JaffaCakes118

Files

b5a8495711a9fed396a6f82d44b9a1c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5b94db47a60155c09f560ceb644101f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt msvcrt

_onexit Q

msvcrt

_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
free
calloc
_except_handler3
strcpy
_mbsstr
wcsstr
_mbslwr
_CxxThrowException
??3@YAXPAX@Z
memmove
memcmp
??2@YAPAXI@Z
memset
strlen
__CxxFrameHandler
memcpy
_ftol
wcslen
_chkesp
_wcsupr

kernel32

lstrlenA
WideCharToMultiByte
GetStartupInfoA
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
LocalFree
OutputDebugStringA
FreeLibrary
CreateToolhelp32Snapshot
Process32First
GetLastError
Process32Next
CancelIo
InterlockedExchange
SetEvent
lstrcpyA
ResetEvent
WaitForSingleObject
CloseHandle
CreateEventA
Sleep
LoadLibraryA
GetProcAddress

user32

EnumWindows

advapi32

LookupPrivilegeValueA

ws2_32

gethostname
send
WSAStartup
WSAIoctl
WSACleanup
select
closesocket
recv
ntohs
socket
gethostbyname
htons
connect
setsockopt

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoCreateInstance

oleaut32

GetErrorInfo
VariantClear
SysAllocString
SysFreeString

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 928KB - Virtual size: 928KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5b94db47a60155c09f560ceb644101f

Headers

File Characteristics

Imports

msvcrt msvcrt

msvcrt

kernel32

user32

advapi32

ws2_32

ole32

oleaut32

iphlpapi

shell32

Sections

.text Size: 128KB - Virtual size: 128KB

SE Size: 16KB - Virtual size: 20KB

SE Size: 928KB - Virtual size: 928KB

SE Size: 4KB - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 128KB

SE
Size: 16KB - Virtual size: 20KB

SE
Size: 928KB - Virtual size: 928KB

SE
Size: 4KB - Virtual size: 4KB