d1e0269b75681e99451b7ace4423e540_JaffaCakes118

General

Target

d1e0269b75681e99451b7ace4423e540_JaffaCakes118
Size

92KB
MD5

d1e0269b75681e99451b7ace4423e540
SHA1

86317ddc3545b5915c708234a8176d175fffd46b
SHA256

a597c3bc8d376e61f2c94543b7e49136ae5e03266d13b6a1f68cfaaf7f84261a
SHA512

d46b115ba94ef3693b169b831b5b72e17506cd3ade48c58728776fd44f223f24ea058880e601a2c380e2399985069126ad20d5773cda88e0d28aea75d0e536d0
SSDEEP

1536:ld8h3LmdsTOcIogmto7nG0nx2deJtJoqumKzuhPd:45U4zaLXx1nJoqutzuhPd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1e0269b75681e99451b7ace4423e540_JaffaCakes118

Files

d1e0269b75681e99451b7ace4423e540_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8901f2447e600cbbfb3f64feeed3ab71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetTickCount
LCMapStringA
MultiByteToWideChar
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
ReadFile
CreateFileA
SetStdHandle
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCommandLineA
GetVersion
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSection
Sleep
GetStringTypeW
SetFilePointer
LCMapStringW
HeapFree
FlushFileBuffers
WriteFile
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetStringTypeA

ws2_32

WSAStartup
WSACleanup
socket
setsockopt
gethostname
gethostbyname
bind
getsockname
WSAIoctl
recvfrom
htonl
inet_addr
ntohs
ntohl
inet_ntoa
sendto
connect
ioctlsocket
send
htons
recv
WSAGetLastError
closesocket

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8901f2447e600cbbfb3f64feeed3ab71

Headers

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 36KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 36KB