c09beab351eab9c2495b7f3f734c8a5f_JaffaCakes118

General

Target

c09beab351eab9c2495b7f3f734c8a5f_JaffaCakes118
Size

16KB
MD5

c09beab351eab9c2495b7f3f734c8a5f
SHA1

7723a99b0fd46c55dc4ff494a07c7c68ea5e6920
SHA256

3a88d8e1dcb90ba9cc4063146de0c6aa90e1aff0c76b2e66a6ba646af5fc8c01
SHA512

b302f911d767c7991740fe17f41c50de9f73a46a03c49ab86ec32bb7e3ff11c86646e09e5bc01486e3c26f654dfa823803379abb20b9dc8d3681cc18c81c342b
SSDEEP

384:xum6GlrjikIWYes6AbduhwwG7jhlwUlIILLE:xupMjikLV2duGw8zlIILLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c09beab351eab9c2495b7f3f734c8a5f_JaffaCakes118

Files

c09beab351eab9c2495b7f3f734c8a5f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

957c66d18558e562f1cc030964b129ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord389
ord5207
ord5356
ord1988
ord860
ord2919
ord353
ord2915
ord6385
ord1979
ord665
ord690
ord5572
ord939
ord2846
ord537
ord2764
ord6648
ord4129
ord1168
ord800
ord540

msvcrt

_adjust_fdiv
malloc
_initterm
free
strncmp
strchr
strtok
exit
__CxxFrameHandler
atoi
srand
time
strstr
sprintf
rand

kernel32

WinExec
GetTempPathA
CreateThread
GlobalMemoryStatus
Sleep
GetSystemDirectoryA
GetLastError
CreateMutexA
GetProcessHeap
HeapAlloc
ExitThread
GetVersionExA
GetTickCount
GetCurrentProcessId

user32

wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

ws2_32

select
__WSAFDIsSet
sendto
setsockopt
WSASocketA
htons
inet_addr
WSAStartup
htonl
connect
socket
send
inet_ntoa
gethostbyname
closesocket
recv

iphlpapi

GetAdaptersInfo
SendARP

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957c66d18558e562f1cc030964b129ce

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

urlmon

ws2_32

iphlpapi

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 820B

.rsrc Size: 1024B - Virtual size: 864B

.reloc Size: 1024B - Virtual size: 816B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 820B

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 1024B - Virtual size: 816B