ea8f439ffe0a8a2999f18083dec8fd62_JaffaCakes118

General

Target

ea8f439ffe0a8a2999f18083dec8fd62_JaffaCakes118
Size

56KB
MD5

ea8f439ffe0a8a2999f18083dec8fd62
SHA1

dfe1705138687dba0d463f42ee1a98c67b105937
SHA256

a7c596eee025c78708ee2e19aa942079bffe1749a86d1d50d645f6e1da478e09
SHA512

b92bb992f647d36f1d3a65c9ac24b693ab6be20496dd9149833712c926b51b7460e3e232cde985874d89e6c1e1ef4e38e91fed1a79a3b75ad86d045c8f6ecc94
SSDEEP

768:2zJ0cZu45ddSP4rDyJ/TYqqhBQLqVaGWXnaBic0RZrI98CMNt12ctZ3hJDw+:2zJ0b4ZRrw/UqSFNWX2a+NARJD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea8f439ffe0a8a2999f18083dec8fd62_JaffaCakes118

Files

ea8f439ffe0a8a2999f18083dec8fd62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7071b04b533967575d1d26640f53866a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

ws2_32

ntohs
connect
select
__WSAFDIsSet
recv
send
sendto
WSAStartup
socket
WSACleanup
htons
bind
listen
gethostbyname
inet_addr
accept
inet_ntoa
closesocket

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FlushFileBuffers
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
SetFilePointer
GetCPInfo
GetOEMCP
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetSystemTime
VerifyVersionInfoA
VerSetConditionMask
CreateThread
TerminateThread
Sleep
GetModuleFileNameA
GetModuleHandleA
WaitForSingleObject
WideCharToMultiByte
GetCommandLineW
LCMapStringW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle
GetACP
GetCurrentProcess
GetStringTypeA
HeapSize
ExitProcess
GetProcAddress
TerminateProcess
CloseHandle
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

shell32

CommandLineToArgvW

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7071b04b533967575d1d26640f53866a

Headers

File Characteristics

Imports

wininet

ws2_32

kernel32

advapi32

shell32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB