eac650a8e913d2f03f56125eaf512c51_JaffaCakes118

General

Target

eac650a8e913d2f03f56125eaf512c51_JaffaCakes118
Size

88KB
MD5

eac650a8e913d2f03f56125eaf512c51
SHA1

9775af673cdbe527d39cb988a4d3572d684f7ca1
SHA256

cff0ad3345eee4409788413885111982c3d5eecdae6258e9f2bde392ea01fb9d
SHA512

e7dc92deffdafcac43e600ee5c3a53d1040eb73f9e324dfdda7df1b3bc0ecb629c731c2f84c504d2b41f58c2ca6d10760a66577db854f33b30f4d607da35f36a
SSDEEP

768:NorVDZkL65pfctHFtz60VZuKoQ8O6fHq0wfuwJYzHzBK8nAb74mmiB9bSz3Cz7Pu:NeQ65ytz6+Joj2fuwKHFmezCnEogV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eac650a8e913d2f03f56125eaf512c51_JaffaCakes118

Files

eac650a8e913d2f03f56125eaf512c51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

505a0fda130ba0c93e7e62cc173ca5c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
Sleep
WinExec
CopyFileA
GetWindowsDirectoryA
CreateThread
WriteProfileStringA
GetProfileStringA
GetTickCount
GetModuleFileNameA
DeleteCriticalSection
CloseHandle
GetCurrentProcessId
GetCurrentThreadId
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
LCMapStringW
InitializeCriticalSection
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
HeapReAlloc
VirtualAlloc
SetStdHandle
SetFilePointer
RtlUnwind
VirtualFree
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapCreate
EnterCriticalSection
LCMapStringA
LeaveCriticalSection
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
GetProcAddress
GetLastError
FlushFileBuffers
WriteFile
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetFileAttributesA
UnhandledExceptionFilter
GetSystemTimeAsFileTime

ws2_32

send
WSAStartup
setsockopt
listen
WSAAccept
__WSAFDIsSet
recvfrom
sendto
WSAGetLastError
select
ntohl
recv
gethostbyname
htonl
shutdown
closesocket
WSASocketA
bind
connect
getsockname
ntohs
htons

urlmon

URLDownloadToFileA

wininet

InternetGetConnectedState

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

505a0fda130ba0c93e7e62cc173ca5c9

Headers

File Characteristics

Imports

kernel32

ws2_32

urlmon

wininet

advapi32

Sections

.text Size: 80KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB