ce20e10c6516b6b23e926a3810a86404_JaffaCakes118

General

Target

ce20e10c6516b6b23e926a3810a86404_JaffaCakes118
Size

76KB
MD5

ce20e10c6516b6b23e926a3810a86404
SHA1

df2e1cd9d3894866d2b91c6ed343bfe102beccd1
SHA256

21e3b9e42ce951d9bc41417a4cc4a43f8f4cb55c3dfa5428be1933f09bd1408a
SHA512

56bfdc1f009e6efe9d78bb9b51dbef70333ec1bb9531c710f809e8e1d00f9a7a3b0c750612a46234de33763112bd9dffb3fc003e0adb3d19c001a5b6e15d3d39
SSDEEP

1536:ghfeXXMD4V42Mp4R7lOek4bBuxdFM0hk+r+c:CfeXPUU7lOybwxdFM01rJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce20e10c6516b6b23e926a3810a86404_JaffaCakes118

Files

ce20e10c6516b6b23e926a3810a86404_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0c66fd773d36116c11a395515f02e2c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
GetSystemTimeAsFileTime
CancelTimerQueueTimer
EnterCriticalSection
GetUserDefaultLCID
AddAtomW
WideCharToMultiByte
VirtualAlloc
ClearCommBreak
FindAtomW
OpenEventW
GetConsoleCP
SetUnhandledExceptionFilter
OpenConsoleW
BeginUpdateResourceW
GetModuleHandleW
FatalExit
DeleteCriticalSection
DeleteTimerQueue
GetLastError
EnumDateFormatsExW
GlobalAlloc
LeaveCriticalSection
GetCurrentProcessId
ExitProcess
CreateMutexW
GetConsoleNlsMode
ExitThread
CloseHandle
GetCurrentThreadId

ws2_32

WSAStartup
listen
closesocket
accept
bind
WSACleanup
WSALookupServiceNextA
connect
WSAGetServiceClassNameByClassIdW
send

msvcrt

_cgetws
_c_exit
_cgets
_access
_atoi64
_assert
_cabs
_chdir

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c66fd773d36116c11a395515f02e2c8

Headers

File Characteristics

Imports

kernel32

ws2_32

msvcrt

Sections

.text Size: 68KB - Virtual size: 68KB

.data Size: - Virtual size: 160KB

.bss Size: 512B - Virtual size: 256B

.rdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.edata Size: 1024B - Virtual size: 576B

.text
Size: 68KB - Virtual size: 68KB

.data
Size: - Virtual size: 160KB

.bss
Size: 512B - Virtual size: 256B

.rdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.edata
Size: 1024B - Virtual size: 576B