f513ff3813de85ff70d61ff92c8284e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f513ff3813de85ff70d61ff92c8284e4_JaffaCakes118
Size

28KB
MD5

f513ff3813de85ff70d61ff92c8284e4
SHA1

963648d1360d6927fdc6fc8ca3d739b2fabb7900
SHA256

72d8f8d4730e9695effe2a39911f763121099c96b0d2a928e139293433153aee
SHA512

24979284ffe53486bc548e9760634c9183ff7878a5525946cb7b93fe55a18a90069d37a955082e3cee029e790e84333434ca2fd176dadafa8a71c7f356d5fa2d
SSDEEP

768:2vUa5SNDtzpTXchyyJYvGvMGpvXnC+DJ1my:uUaIxrTM8yJYvGvT1CELmy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f513ff3813de85ff70d61ff92c8284e4_JaffaCakes118

Files

f513ff3813de85ff70d61ff92c8284e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f61498830ce0fab681a67a193bd17c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc40

ord4173
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5647
ord3837
ord4694
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord3345
ord3346
ord3340
ord2694
ord3580
ord4101
ord3907
ord3134
ord570
ord315
ord731
ord2199
ord5360
ord1035
ord706
ord5275
ord2707
ord2317
ord1061
ord3656
ord486
ord2514
ord2081
ord662
ord421
ord2713
ord4142
ord3761
ord5648
ord3963
ord2234
ord2197
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4681
ord2390
ord3579
ord4165
ord4719
ord4703
ord5053
ord4096
ord3906
ord3259
ord721
ord504
ord2299
ord1060
ord1100
ord4450
ord4312
ord3859
ord1014
ord3724
ord4715
ord1368

msvcrt40

malloc
rand
fgetc
fseek
__dllonexit
fopen
_onexit
_exit
_XcptFilter
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_setmbcp
fclose
free
exit
sprintf
atoi
__CxxFrameHandler
fscanf
_controlfp

kernel32

GetCommandLineA
Sleep
GetVersion
GetModuleHandleA
GetStartupInfoA

user32

IsIconic
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
SendMessageA
KillTimer
SetTimer
EnableWindow
PostMessageA
LoadIconA

wsock32

WSAGetLastError
htons
shutdown
setsockopt
socket
getprotobyname
ioctlsocket
sendto
htonl
WSACleanup
gethostbyname
closesocket

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f61498830ce0fab681a67a193bd17c5

Headers

File Characteristics

Imports

mfc40

msvcrt40

kernel32

user32

wsock32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB