eb977850a49aec233e8d5d9ff0a6c0a4_JaffaCakes118

General

Target

eb977850a49aec233e8d5d9ff0a6c0a4_JaffaCakes118
Size

21KB
MD5

eb977850a49aec233e8d5d9ff0a6c0a4
SHA1

0e759c8bbeff7117dac17c45558345cc913a1ecd
SHA256

a3b705e9baffc024ccd64cb72bb71f14eb00f507ce97ff262d2c3cea8160343d
SHA512

3a4d4a7a2f678e3be532b4ead546ed03b27ebb7273d14bd6a440a2363ff9e98e850e471dc54379f85d0fbb95a32080f0b0292cccccbaa5b0967699674f56506a
SSDEEP

384:zd6e0ATU9H8HOW+HEoLCulAbyseiE5rtjn1sVbdeYT6Dzc:zdxTwH8u7HEoLCYAbyseiEnz1sVbdeYr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb977850a49aec233e8d5d9ff0a6c0a4_JaffaCakes118

Files

eb977850a49aec233e8d5d9ff0a6c0a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb3365302f25e38598700389eb1c1981

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetVolumeInformationA
GetComputerNameA
CreateThread
GetSystemDirectoryA
HeapAlloc
GetProcessHeap
HeapFree
lstrcpynA
CloseHandle
lstrcatA
CopyFileA
lstrlenA
WinExec
Sleep
CreateMutexA
InitializeCriticalSection
MoveFileExA
GetTempPathA
DeleteFileA
LoadLibraryA
GetLastError
WriteFile
CreateFileA
GetProcAddress
GetFullPathNameA
CreateEventA
WaitForSingleObject

user32

wsprintfA

advapi32

CreateServiceA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle

ws2_32

htonl
bind
listen
accept
setsockopt
recv
select
__WSAFDIsSet
send
gethostbyname
htons
WSAStartup
WSASocketA
WSAIoctl
shutdown
closesocket
connect
socket
inet_ntoa

wininet

InternetOpenA
InternetSetOptionA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState

msvcrt

atoi
rand
strstr
strlen
exit
time
srand
realloc
atol
free
memset
_snprintf
malloc

Sections

.flat
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb3365302f25e38598700389eb1c1981

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

msvcrt

Sections

.flat Size: 14KB - Virtual size: 14KB

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 196B

.flat
Size: 14KB - Virtual size: 14KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 196B