bf0d8d2bc16d6249986003b188bdfa22_JaffaCakes118

General

Target

bf0d8d2bc16d6249986003b188bdfa22_JaffaCakes118
Size

24KB
MD5

bf0d8d2bc16d6249986003b188bdfa22
SHA1

6c4aac4e257ffbc14951da73e35f9ba77ea98039
SHA256

586a9b2ad3598efa890f93570dc25c94fcdf7f527b25e9f4bde83dc2f3482849
SHA512

5b3627e99b8ecf84964ca7ec6cf55480f72cff6ebb611598cc03d5bf10ccf76d2ed977bae58583aa45a2c958ad546f18b528fdd7e3dfd1d77d007ce083aae4ab
SSDEEP

384:SNQWDSD3FFJew1/Sxh1uq9wsvBZp6rvitp0LTFE6vHmRrQOFzZkQjr/OX4HbBg37:UQWmR1/Sxhs5vYMFFMQShXOoyUCd1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf0d8d2bc16d6249986003b188bdfa22_JaffaCakes118

Files

bf0d8d2bc16d6249986003b188bdfa22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fe40bed705409e41609c9773162ef31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTickCount
TerminateProcess
ReadFile
WriteFile
PeekNamedPipe
GetProcAddress
LoadLibraryA
CreateProcessA
CloseHandle
CreatePipe
GetDriveTypeA
GetLogicalDrives
SetFilePointer
GetFileSize
GetLastError
CreateFileA
DeleteFileA
FindClose
CopyFileA
GetEnvironmentVariableA
VirtualProtect
ExitProcess
GetModuleFileNameA
GetCurrentDirectoryA
GetStartupInfoA
GetModuleHandleA

ws2_32

gethostname
send
select
__WSAFDIsSet
gethostbyname
recv
setsockopt
socket
htons
bind
connect
closesocket
WSASetLastError
WSAStartup
WSACleanup
inet_addr

msvcrt

_strnicmp
_strupr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_stricmp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
rand
atoi
free
strlen
strstr
??2@YAPAXI@Z
strcpy
strcat
sprintf
memset
memcmp
sscanf
__p___argv
__p___argc
_exit

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fe40bed705409e41609c9773162ef31

Headers

File Characteristics

Imports

kernel32

ws2_32

msvcrt

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 988B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 988B

.rsrc
Size: 1KB - Virtual size: 1KB