d729c2cf850fbdc9cf2f2adca97d9466_JaffaCakes118

General

Target

d729c2cf850fbdc9cf2f2adca97d9466_JaffaCakes118
Size

49KB
MD5

d729c2cf850fbdc9cf2f2adca97d9466
SHA1

562de652a86b84aeac4cfa0eb842d9a94c4b7170
SHA256

9838a20a32493a74a6435c6ca7f59fb581bc7fb32ef72b863953437e81877f4a
SHA512

264d897a64b4a07652f84dc16e2167a9cc32e81859f8d1896749b451dd76ba5c7ec729e58ce2b7cad85270642f96e3c46425d4acc3b7da74ac8e74cee2596436
SSDEEP

768:y6mICfINvZX1xTMhv9bxQEU7UL+ZTtArA4APbm3B6B1P:FxN9wh9pIRZWrFEm34j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d729c2cf850fbdc9cf2f2adca97d9466_JaffaCakes118

Files

d729c2cf850fbdc9cf2f2adca97d9466_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b03da7779b6bc341c4a4276acc2db918

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_getpid
_itoa
_kbhit
_read
_strdup
_write
__getmainargs
__p___argv
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_isatty
_onexit
_setmode
_stricmp
_vsnprintf
abort
atexit
atoi
fprintf
fputc
free
fwrite
getenv
malloc
memcpy
memset
printf
signal
strchr
strerror
strlen
strncmp
strstr
vfprintf

kernel32

AddAtomA
CloseHandle
CreatePipe
CreateProcessA
CreateSemaphoreA
CreateThread
DisconnectNamedPipe
DuplicateHandle
ExitProcess
ExitThread
FindAtomA
FreeConsole
GetAtomNameA
GetCurrentProcess
GetLastError
GetSystemTime
PeekNamedPipe
ReadFile
ReleaseSemaphore
SetUnhandledExceptionFilter
Sleep
TerminateProcess
WaitForMultipleObjects
WaitForSingleObject
WriteFile

wsock32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getsockname
htonl
htons
inet_addr
inet_ntoa
listen
ntohs
recv
select
send
setsockopt
socket

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b03da7779b6bc341c4a4276acc2db918

Headers

File Characteristics

Imports

msvcrt

kernel32

wsock32

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 512B - Virtual size: 368B

.bss Size: - Virtual size: 15KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 512B - Virtual size: 368B

.bss
Size: - Virtual size: 15KB

.idata
Size: 2KB - Virtual size: 2KB