fbcd2fa6df174aca013d5db17b755626_JaffaCakes118

General

Target

fbcd2fa6df174aca013d5db17b755626_JaffaCakes118
Size

43KB
MD5

fbcd2fa6df174aca013d5db17b755626
SHA1

e1faf8339e60905c8a9d6f756dcc8cf3d6205b6a
SHA256

ebd6a34be896a01fb5139653f2e919b46dcaaf119f70ab12a6e9dea0797c5615
SHA512

fa3024d891be5d05ed107f786fde83536c571f462ee7a6d171cb2e36e2d7ef24f8c3d7bf32505fc0ca508e3880d2aa969312eba4b765541520e9ee364e32b65a
SSDEEP

768:VxuNs8XkqWoEkq9YvjhiP0SziBl+xB0qNEmtSxZdpydhFE:VikDn9YvV40vB6B0qNEmkLdkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbcd2fa6df174aca013d5db17b755626_JaffaCakes118

Files

fbcd2fa6df174aca013d5db17b755626_JaffaCakes118
.exe windows:5 windows x86 arch:x86

142a57ed46e4b568999d80349a71b945

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentThreadId
GetFileSize
FatalExit
GlobalAddAtomW
ClearCommBreak
LeaveCriticalSection
GetCurrentProcess
AllocConsole
GetLastError
CloseHandle
PurgeComm
CreateFileW
FindAtomW
CancelTimerQueueTimer
OpenEventW
CopyFileA
ExitThread
TerminateProcess
GetTempPathW
CreateMemoryResourceNotification
VirtualAlloc
CancelIo
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcessId
CreateMutexW
GetConsoleCP
InterlockedExchange
MoveFileA
SetUnhandledExceptionFilter
GetConsoleNlsMode
GetModuleHandleW
DeleteTimerQueue
AddAtomW
BeginUpdateResourceW
GlobalAlloc
Sleep
DeactivateActCtx
GetUserDefaultLCID
OpenConsoleW

ws2_32

connect
accept
WSACleanup
WSAStartup
closesocket
listen
bind
socket

msvcrt

_beep
_cgetws
_cgets
_atoi64
_chdir
_access
_assert

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

142a57ed46e4b568999d80349a71b945

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

msvcrt

Sections

.text Size: 35KB - Virtual size: 35KB

.data Size: - Virtual size: 510KB

.bss Size: 512B - Virtual size: 256B

.rdata Size: 1KB - Virtual size: 1KB

.edata Size: 1024B - Virtual size: 576B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 35KB - Virtual size: 35KB

.data
Size: - Virtual size: 510KB

.bss
Size: 512B - Virtual size: 256B

.rdata
Size: 1KB - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 576B

.rsrc
Size: 3KB - Virtual size: 3KB