eb6a0fb84d31630d160e97a6294225fa_JaffaCakes118

General

Target

eb6a0fb84d31630d160e97a6294225fa_JaffaCakes118
Size

36KB
MD5

eb6a0fb84d31630d160e97a6294225fa
SHA1

b1871f79996980fded7061711c15c0d180d344b9
SHA256

0a0a324e3689a2ca77d2c1a680a929f656b1c3fbeeab0de59b5b947b1fe3b802
SHA512

80d78392560130bf68a0bef0d89c4e2805775dac1ee0c4c4e2d3bc399393a7dd31c646eaf0698493b101652225825baa7b9c8a7dec56303d827d8fa7a23bc5e4
SSDEEP

768:GFre9MDijNAXW1E7ap46bkV23gRCjsd+/3yMyRyy4CpvZ:GFre9MDixAXW1E7ap46bkV23gRCjsd+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb6a0fb84d31630d160e97a6294225fa_JaffaCakes118

Files

eb6a0fb84d31630d160e97a6294225fa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b95d52419458be189f4b9dd559add9cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
ExitProcess
Sleep
OutputDebugStringA
CloseHandle
UnmapViewOfFile
WriteFile
GetTickCount
GetTempPathA
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA

ws2_32

WSAStartup
gethostname
gethostbyname
inet_addr
inet_ntoa
socket
htons
connect
send
closesocket

mpr

WNetAddConnection2A

rpcrt4

RpcStringFreeA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingFree
NdrNsSendReceive
NdrNsGetBuffer
NdrClientInitializeNew
NdrConformantArrayUnmarshall
NdrConvert
NdrConformantStringMarshall
NdrPointerMarshall
NdrConformantStringBufferSize
NdrPointerBufferSize
RpcRaiseException
NdrServerInitializeNew
NdrConformantArrayMarshall
I_RpcGetBuffer
NdrConformantArrayBufferSize
NdrAllocate
NdrConformantStringUnmarshall
NdrPointerUnmarshall
NdrFreeBuffer

msvcrt

_adjust_fdiv
_initterm
strlen
memset
malloc
printf
_except_handler3
sprintf
free

Exports

Exports

Scan

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b95d52419458be189f4b9dd559add9cb

Headers

File Characteristics

Imports

kernel32

ws2_32

mpr

rpcrt4

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 960B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 960B

.reloc
Size: 4KB - Virtual size: 2KB