d9a0d02edb0e353bf65e3b3bea23d83e_JaffaCakes118

General

Target

d9a0d02edb0e353bf65e3b3bea23d83e_JaffaCakes118
Size

27KB
MD5

d9a0d02edb0e353bf65e3b3bea23d83e
SHA1

3832809a79ebac88314eb89c7b9f4096e8bfaa99
SHA256

48f36418002488c00d72a7d447dcee8590a83f1f806d653eb0c8aad998f8f79e
SHA512

46c68426e56b1bffba73e0fd18a6e8551af72f3918175b63110bbfcfae8452cdfefe398428519ed763392eb3457985255a698606ead8fb4c2b77509a9f993da5
SSDEEP

384:nXw6wO/Y8mV16v3uTLzYxtpkop7Hyl0JkkpGnyT0C/XF1FMY0F1DdCvqok:nbwUvpxtiS7HE02kpGyr9MdF1Uvqok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9a0d02edb0e353bf65e3b3bea23d83e_JaffaCakes118

Files

d9a0d02edb0e353bf65e3b3bea23d83e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ea6578bed1db7a46c4b32ec201a5c10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

send
select
__WSAFDIsSet
recv
ioctlsocket
socket
connect
closesocket
WSASetLastError
WSACleanup
htons
inet_addr
gethostbyname
WSAStartup

kernel32

Sleep
SuspendThread
CreateThread
GetDriveTypeA
Process32Next
GetVersionExA
PeekNamedPipe
FindFirstFileA
WaitForSingleObject
CloseHandle
TerminateProcess
ReadFile
GetLastError
DeleteFileA
TerminateThread
GetStartupInfoA
GetModuleHandleA
CreatePipe
GetFileSize
FindNextFileA
CreateFileA
Process32First
FileTimeToSystemTime
ResumeThread
FileTimeToLocalFileTime
FindClose
GetComputerNameA
GetLogicalDrives
GetCurrentDirectoryA
WriteFile
CopyFileA
SetFilePointer
CreateToolhelp32Snapshot
OpenProcess
CreateProcessA
GetEnvironmentVariableA
SetCurrentDirectoryA

msvcrt

__getmainargs
_XcptFilter
rand
srand
exit
time
__p__fmode
__setusermatherr
_adjust_fdiv
_initterm
atoi
vsprintf
sprintf
_except_handler3
_strnicmp
__p__commode
_acmdln
_exit
_controlfp
_stricmp
__set_app_type

advapi32

GetUserNameA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ea6578bed1db7a46c4b32ec201a5c10

Headers

File Characteristics

Imports

ws2_32

kernel32

msvcrt

advapi32

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB