cf303a641b344438a78ac4ab0dc68eb1_JaffaCakes118

General

Target

cf303a641b344438a78ac4ab0dc68eb1_JaffaCakes118
Size

77KB
MD5

cf303a641b344438a78ac4ab0dc68eb1
SHA1

f8ac89a6d03c88db744afd119fd9b7d38ce3d957
SHA256

31ede6930fd9eccf2987c44a356a155b1b647d0a78a705528873cfb458884617
SHA512

dc20c837e1eec0a3f4b2919609aa4dbe231516754a04406603154bd2b2189640cfad868715df8f7192c2006b676b1e02a38a98c4ced13159f3299df64ae134a7
SSDEEP

1536:yGUGZaARmArDnbYcTPSPMHCptGetMX1kcNDfK:yGFFJLbYcTPJKtGet+kc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf303a641b344438a78ac4ab0dc68eb1_JaffaCakes118

Files

cf303a641b344438a78ac4ab0dc68eb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddf46908b65a4104a40adfc703ff3056

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetFileSize
Sleep
SetFilePointer
SetEndOfFile
GetCurrentProcessId
GetProcAddress
WinExec
SetFileTime
GetFileTime
CreateFileA
GetModuleHandleA
CloseHandle
CopyFileA
GetWindowsDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
DeleteFileA
WriteFile
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
CreateMutexA
GetLastError
FreeLibrary
LoadLibraryA
GetVersion
FreeEnvironmentStringsA
FreeEnvironmentStringsW
LCMapStringA
LCMapStringW
GetOEMCP
GetACP
FlushFileBuffers
IsBadCodePtr
SetStdHandle
GetCPInfo
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadWritePtr
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
GetStdHandle
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

LoadStringA
wsprintfA

ws2_32

inet_ntoa
gethostbyname
closesocket
WSASetLastError
htons
connect
socket
recv
send
WSACleanup
WSAStartup
gethostname
inet_addr

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ddf46908b65a4104a40adfc703ff3056

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 40KB - Virtual size: 40KB