05ba6d49b02f10567477cafc84c1b05f_JaffaCakes118

General

Target

05ba6d49b02f10567477cafc84c1b05f_JaffaCakes118
Size

56KB
MD5

05ba6d49b02f10567477cafc84c1b05f
SHA1

e574be3af87b7d2e5b4b81f8a148b1c007136ae6
SHA256

d2c8f78b299ad4254f5f4684eabf25fe38d15a6d449e0d32ab70ec64b52b2b1c
SHA512

8f5140346bf8619a9aaa8288b2a395c8528dd0505627239febe7523c590df7b4b38c92b128ff1cc55f272e2b81de2850556982baa5270db3472a726a853f832a
SSDEEP

384:+FBfyYvvFBfyYvM0jmPBDEB9iVDa8HFe4qigsiZ53rh6Up+XUwXunxRhtdpGo6:bymP2wVmUY4qi2Zlrh6lFXqGo6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ba6d49b02f10567477cafc84c1b05f_JaffaCakes118

Files

05ba6d49b02f10567477cafc84c1b05f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b870a75a47853c6e2e2925b5bf6c981b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
closesocket
connect
gethostbyname
htons
socket

wininet

InternetCloseHandle
InternetConnectA
InternetOpenA
InternetOpenUrlA
InternetReadFile
HttpOpenRequestA
HttpSendRequestA

msvcrt

_sleep
_snprintf
atoi
exit
free
malloc
memcpy
memset
raise
rand
realloc
signal
sprintf
srand
strcat
strncmp

kernel32

DeleteFileA
GetCommandLineA
GetCurrentProcessId
GetFileSize
GetFileTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetSystemTime
CloseHandle
GetTickCount
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
LocalAlloc
LocalFree
ReadFile
RtlUnwind
CreateFileA
SetFileTime
Sleep
WinExec
WriteFile
CreateThread

user32

GetWindowTextA
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
RegisterClassA
CreateWindowExA
DefWindowProcA

advapi32

ChangeServiceConfig2A
CloseServiceHandle
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceA
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

crtdll

__GetMainArgs
strchr

Sections

__FLAT
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__IMPORT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b870a75a47853c6e2e2925b5bf6c981b

Headers

File Characteristics

Imports

wsock32

wininet

msvcrt

kernel32

user32

advapi32

crtdll

Sections

__FLAT Size: 48KB - Virtual size: 48KB

__IMPORT Size: 4KB - Virtual size: 4KB

__FLAT
Size: 48KB - Virtual size: 48KB

__IMPORT
Size: 4KB - Virtual size: 4KB