d5f070879b6ad401ae6faa5a2d6d5cc0_JaffaCakes118

General

Target

d5f070879b6ad401ae6faa5a2d6d5cc0_JaffaCakes118
Size

52KB
MD5

d5f070879b6ad401ae6faa5a2d6d5cc0
SHA1

3c6885dcded05cc86fe967a7bf7299aa8782b1d7
SHA256

9ca457a9d296939ac7524a4a4f1d7e118d7097636cd47c94763c24208b376d6d
SHA512

67bb55b81dbf8d5cdba331dee78e03ebd3673609a914809aafd5cd7221fdc0f133db9cf170f7990d7085c152b1c0315a9fe09d035a5d4e38f3c21dc6d9ec2605
SSDEEP

768:lUcPhDDPNoOG++OuxSagRm/iDr1MRJebjKBUo:BdLuXiDBMneyOo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5f070879b6ad401ae6faa5a2d6d5cc0_JaffaCakes118

Files

d5f070879b6ad401ae6faa5a2d6d5cc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6196c942007c23b4823f2eeba5b4916e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentThread
SetThreadPriority
CloseHandle
WriteFile
SetPriorityClass
lstrlenA
LCMapStringA
GetStringTypeW
ResumeThread
Sleep
CreateProcessA
GetModuleHandleA
CreateFileA
GetModuleFileNameA
GetStringTypeA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
SetStdHandle
RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
ReadFile
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringW

user32

wsprintfA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA

ws2_32

WSAStartup
htons
send
recv
WSACleanup
closesocket
socket
connect
select

urlmon

URLDownloadToFileA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6196c942007c23b4823f2eeba5b4916e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

urlmon

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB