0016dbe3bc16e69bc65544879d4e661b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0016dbe3bc16e69bc65544879d4e661b_JaffaCakes118
Size

49KB
MD5

0016dbe3bc16e69bc65544879d4e661b
SHA1

3748770c348bf75c8994e60862967edb0d45e7af
SHA256

d8c33a3646427a33419788504b3710fea287ca04ebb92ee6811bd659c2c95cac
SHA512

0101c2f6207f4c033b3dbca2770135a9486f2f5529c649f5f611d00639e288d5e83b4b39164f683259a7bb3527e8bd8e2d65bfdee442f80bc6aa5b298bdca8fa
SSDEEP

768:2jFXQu2KtqThClJR0XDjehscfwUmybbhTg:2uuvtqThClfcWmcVXZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0016dbe3bc16e69bc65544879d4e661b_JaffaCakes118

Files

0016dbe3bc16e69bc65544879d4e661b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0935372a261931fa9bb8d5b9c9aa0b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAAsyncSelect
listen
bind
accept
connect
ioctlsocket
WSAStartup
setsockopt
closesocket
htons
socket
htonl
recv
WSAGetLastError
send

kernel32

GetStringTypeW
GetLastError
MoveFileA
GetProcAddress
SetStdHandle
LoadLibraryA
CreateFileA
HeapAlloc
VirtualAlloc
SetFilePointer
FindNextFileA
FileTimeToSystemTime
FindFirstFileA
CreateProcessA
GetModuleHandleA
FlushFileBuffers
GetACP
DeleteFileA
WideCharToMultiByte
GetEnvironmentStringsW
GetCPInfo
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
TerminateProcess
ExitProcess
GetCurrentProcess
HeapFree
GetFileType
CloseHandle
VirtualFree
HeapCreate
HeapDestroy
GetOEMCP
GetStringTypeA
SetEndOfFile
RtlUnwind
GetVersion
SetHandleCount
GetStartupInfoA
GetCommandLineA
ReadFile
WriteFile
GetStdHandle

user32

TranslateMessage
PostQuitMessage
FindWindowExA
FindWindowA
EnumChildWindows
ExitWindowsEx
DefWindowProcA
SendMessageA
SetTimer
MessageBoxA
KillTimer
RegisterClassA
LoadIconA
LoadCursorA
GetMessageA
CreateWindowExA
UpdateWindow
DispatchMessageA

advapi32

RegCreateKeyExA
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0935372a261931fa9bb8d5b9c9aa0b7

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 1024B - Virtual size: 952B

.data Size: 12KB - Virtual size: 27KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 152B

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 1024B - Virtual size: 952B

.data
Size: 12KB - Virtual size: 27KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 152B