c1f6499b3fe6d9bf3e817019f67ecd1a_JaffaCakes118

General

Target

c1f6499b3fe6d9bf3e817019f67ecd1a_JaffaCakes118
Size

82KB
MD5

c1f6499b3fe6d9bf3e817019f67ecd1a
SHA1

d7ce1befc000cb66870416c5a4a9d02b8f6c6a1e
SHA256

3a296b1ee1a90669f92d3b647d51af51c96c93487f2589cbe84c0bdf5d431a92
SHA512

5dcdbb17151e77762096c05c6a8adbd01e96f353bd7c8044f72ad9e3cec72a4427c246a59d32ae3dc96281e88aefd2e8758cfc3dada74add62114a3728618e47
SSDEEP

1536:fC0KCP2Ddvg1D6b5fyr9LqwAn2CBcuxA8Nck3YJ:fC0TPmdvsmlyJL6n2qjAcYJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1f6499b3fe6d9bf3e817019f67ecd1a_JaffaCakes118

Files

c1f6499b3fe6d9bf3e817019f67ecd1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd6d06b598a9829d3d41da2de5b27dd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetSystemTimeAsFileTime
SetSystemPowerState
GetCPInfo
FormatMessageA
GetCurrentThread
GetVersionExW
TerminateProcess
CreatePipe
PeekNamedPipe
GetShortPathNameW
GetEnvironmentVariableW
WinExec
SetUnhandledExceptionFilter
SetErrorMode
DuplicateHandle
GetModuleFileNameA
OpenMutexA
CreateMutexW
ReleaseMutex
GetWindowsDirectoryW
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileW
GetModuleHandleA
MoveFileExA
GetDateFormatA
FreeResource
FindResourceA
LoadResource
FreeLibrary
LoadLibraryW
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
WideCharToMultiByte
GetFileAttributesW
SetFileAttributesA
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
WriteConsoleA

ws2_32

WSACleanup
getprotobynumber
getservbyname
getservbyport
setsockopt
socket
WSAConnect
WSACreateEvent
WSAGetOverlappedResult
WSASocketA

msvcr71

_c_exit
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
wcslen
fclose
fwrite
fseek
fopen
memset
free
malloc
_controlfp
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd6d06b598a9829d3d41da2de5b27dd4

Headers

File Characteristics

Imports

kernel32

ws2_32

msvcr71

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 32KB - Virtual size: 278KB

.rsrc Size: 1024B - Virtual size: 856B

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 32KB - Virtual size: 278KB

.rsrc
Size: 1024B - Virtual size: 856B