d434eebe45d3933087e3a38e786dfe96_JaffaCakes118

General

Target

d434eebe45d3933087e3a38e786dfe96_JaffaCakes118
Size

172KB
MD5

d434eebe45d3933087e3a38e786dfe96
SHA1

ad2ee2c3fbaa42dbc362adf2b235cda699423eab
SHA256

940b6ccb8d225a458e39e7fd601bac849cfeece28d40e44f5bcd164d2754bfc4
SHA512

5038d31d010caa178ca1cea274b5e7198d76b9f7dff5f205da2bfc914e9a2e86f383545fffee6b0794cbd923d1d993094b5b94c6e76f5b333504fa13045f0b13
SSDEEP

3072:tcZqxgb06gpfk73sNN7B/0VpMMfAxlLamFiiOAKe9FwIMuVbx5hHBzX:yqxDpfkAD7Bs8M4xlLZKehptX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d434eebe45d3933087e3a38e786dfe96_JaffaCakes118

Files

d434eebe45d3933087e3a38e786dfe96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3610005d0d02de8bf7a81c8af49bf489

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
send

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
??3@YAXPAX@Z
_acmdln
exit
_XcptFilter
_exit
free
_except_handler3
rand
strlen
atoi
memcpy
memset
strcpy
strtok
??2@YAPAXI@Z
strcmp
getenv
strcat

kernel32

GetModuleFileNameA
GetStartupInfoA
CloseHandle
lstrcmpiA
GetCurrentProcess
GetModuleHandleA
lstrcmpA
ReadProcessMemory
Sleep
GetModuleFileNameW
lstrlenW
WriteProcessMemory
GetCommandLineA
OutputDebugStringA
LoadLibraryA
GetProcAddress
lstrcpyA
CreateMutexA
GetLastError
lstrcatA
CreateThread
WaitForSingleObject
ExitProcess
lstrlenA

user32

GetWindowLongA
EnableMenuItem
GetParent
TrackPopupMenu
KillTimer
SetWindowLongA
TranslateMessage
CreateWindowExA
PostQuitMessage
UpdateWindow
MessageBoxW
DialogBoxParamA
MessageBoxA

gdi32

SelectPalette
SetBkMode
TextOutA

shell32

SHGetFileInfoA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3610005d0d02de8bf7a81c8af49bf489

Headers

File Characteristics

Imports

ws2_32

msvcrt

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 46KB - Virtual size: 49KB

.rsrc Size: 106KB - Virtual size: 106KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 46KB - Virtual size: 49KB

.rsrc
Size: 106KB - Virtual size: 106KB