bc1863604c870b10597780c3c8132911_JaffaCakes118

General

Target

bc1863604c870b10597780c3c8132911_JaffaCakes118
Size

80KB
MD5

bc1863604c870b10597780c3c8132911
SHA1

964670851eb66683d541bb3d9a91c687d4cb9fa3
SHA256

92dcf95a4b956c25992bfd43a0cf013236ab1e98c506627c0f212247719ab7a1
SHA512

83909b435978061658a191dfa444c464111e45385e1258bd2482dafd3c7b4c279e1b107f191d917ad7c5fee3b544280d5b043e477942fe0c368c710b2a54c215
SSDEEP

1536:5ztgQI+I1lt/tXrJ4r5dX/FiD97x1+pLbTR7mDewyvMRjr5:zohv1XrUdvwZj+/yqwyKjr5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc1863604c870b10597780c3c8132911_JaffaCakes118

Files

bc1863604c870b10597780c3c8132911_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b1594a7bcffb8c515866b35f246bfab2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ioctlsocket
recvfrom
setsockopt
sendto
bind
socket
WSAStartup
closesocket
inet_ntoa
inet_addr
htons

kernel32

GetFileType
GetProcessHeap
SetEndOfFile
GetTickCount
Sleep
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetHandleCount
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
MultiByteToWideChar
ReadFile
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1594a7bcffb8c515866b35f246bfab2

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 11KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 11KB