fba8c0a5966b80b607fa49e8b563616c_JaffaCakes118

General

Target

fba8c0a5966b80b607fa49e8b563616c_JaffaCakes118
Size

56KB
MD5

fba8c0a5966b80b607fa49e8b563616c
SHA1

878d86934b58c31c5bc37decc2ed735be576b4f9
SHA256

47d0b9f7bce3569acf99fb4af9e4ca91fdbc1bc173d02f28c32edea5d52a2eaa
SHA512

9933c1ef95b12b129ef5bdd11c8ef3a756ce101b7e054061f407d90774aa5c3723668735827ed4f73b57a510964ea68625075c96ff83bf2658bda993a6d9125b
SSDEEP

1536:51vc4uax+0Mxag6g03CRX6+cwMq24ocozv:5Bp9M156wxRoco

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fba8c0a5966b80b607fa49e8b563616c_JaffaCakes118

Files

fba8c0a5966b80b607fa49e8b563616c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

127b0b8db9a14954f8a1d814ddecb8b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GetLocalTime
GlobalFree
GlobalAlloc
CopyFileA
GetWindowsDirectoryA
GetVersionExA
Sleep
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetSystemDefaultLangID
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
MultiByteToWideChar
GetProcAddress
LoadLibraryW
CopyFileW
GetLastError
CreateDirectoryA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
CloseHandle
WriteFile
ReadFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate

mpr

WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum

ws2_32

ioctlsocket
connect
select
closesocket
socket
recv
gethostbyname
inet_ntoa
WSAStartup
WSACleanup
inet_addr
htons
gethostname
send

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

127b0b8db9a14954f8a1d814ddecb8b1

Headers

File Characteristics

Imports

kernel32

mpr

ws2_32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 14KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 14KB