ded28031a77c3a91e4c602e947b8e2ba_JaffaCakes118

General

Target

ded28031a77c3a91e4c602e947b8e2ba_JaffaCakes118
Size

7KB
MD5

ded28031a77c3a91e4c602e947b8e2ba
SHA1

4d698fdc6f93fac7a90d0264686c8b715197db45
SHA256

dab161df41377326a851738735b6cb0478dffb3a74df550dbb575102d144540b
SHA512

d6af3138a7e5e084721c5e12e5aac9f55577e48b6486daae100a54c000f2829962c76057805edb47a531502413d2281eea8ac1f8e29badbdde41efc103a48963
SSDEEP

96:1tUZESq5f8qKmHqIOe3+HnSufvcSrsyvx3Ral/Kw3h0djCxK6JEtO8xfiAu//0RD:1vp5xKmHLoUysyZ30nydLOuTzRjFbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/printip.exe

Files

ded28031a77c3a91e4c602e947b8e2ba_JaffaCakes118
.zip
printip.exe
.exe windows:4 windows x86 arch:x86

35596f129b648cb3c0fe9485496f2e29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExA
RegCloseKey

kernel32

CloseHandle
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetCommandLineA
GetEnvironmentStringsA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetSystemInfo
GetVersionExA
GlobalAlloc
GlobalFree
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
GetStdHandle

ole32

CoInitialize
CoUninitialize

oleaut32

SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

wsock32

accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getservbyname
listen
recv
recvfrom
select
send
sendto
setsockopt
socket
WSAAsyncSelect
WSACleanup
WSAGetLastError
WSAStartup

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35596f129b648cb3c0fe9485496f2e29

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

wsock32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 1KB

.link Size: 2KB - Virtual size: 1KB

.rloc Size: 512B - Virtual size: 3KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 1KB

.link
Size: 2KB - Virtual size: 1KB

.rloc
Size: 512B - Virtual size: 3KB