b664f379ba908597dad33e8a1e4fedbd_JaffaCakes118

General

Target

b664f379ba908597dad33e8a1e4fedbd_JaffaCakes118
Size

487KB
MD5

b664f379ba908597dad33e8a1e4fedbd
SHA1

665ead7640fcec20e5659d725cf2fd90461656cd
SHA256

f8ae8f4a64c7ee050f35db5089b7a7721aabb4d768b245a588d04a946de00249
SHA512

d8ffaa60b4623ceee247b9b98527b21355df47e696b066a0021747e6f95affd9c3bf076c8e850850dddb003ac23b59dd2d8187a64342906049ebeadea662134d
SSDEEP

6144:7t1ysG/7cPimSuI6p3X9VNF8B17gJ2Mp4LKE+uTvDQHIFWXsMRDCrK+FMyZPIKmk:7tAsGjcqjeLIT6mLKGM8VMyZPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b664f379ba908597dad33e8a1e4fedbd_JaffaCakes118

Files

b664f379ba908597dad33e8a1e4fedbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

806ed89fd8b818ccc48be1f55da9e303

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

ws2_32

connect
send
ntohs

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
??3@YAXPAX@Z
_acmdln
exit
_XcptFilter
_exit
free
_except_handler3
strcmp
rand
strlen
atoi
memcpy
memset
strtok
strcpy
??2@YAPAXI@Z
getenv
strcat
_controlfp

kernel32

GetStartupInfoA
VerLanguageNameA
AllocConsole
CloseHandle
lstrcmpiA
GetCurrentProcess
GetModuleHandleA
ReadProcessMemory
Sleep
GetModuleFileNameW
lstrlenW
WriteProcessMemory
GetCommandLineA
LoadLibraryA
OutputDebugStringA
GetProcAddress
GetModuleFileNameA
CreateMutexA
GetLastError
lstrcmpA
lstrcatA
CreateThread
WaitForSingleObject
ExitProcess
lstrlenA
lstrcpyA

user32

UpdateWindow
KillTimer
GetWindowRect
SetTimer
EnableMenuItem
GetSysColor
DestroyIcon
TrackPopupMenu
CreateWindowExA
MessageBoxA
MessageBoxW

gdi32

SelectPalette
RealizePalette
CreateDCA
BitBlt
DeleteObject

comdlg32

PrintDlgA
ChooseFontA

shell32

SHGetFileInfoA
ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

806ed89fd8b818ccc48be1f55da9e303

Headers

File Characteristics

Imports

version

ws2_32

msvcrt

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 47KB - Virtual size: 51KB

.rsrc Size: 89KB - Virtual size: 88KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 47KB - Virtual size: 51KB

.rsrc
Size: 89KB - Virtual size: 88KB