10b4666855b3da6515c7ea9a5b8a2f1d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10b4666855b3da6515c7ea9a5b8a2f1d_JaffaCakes118
Size

256KB
MD5

10b4666855b3da6515c7ea9a5b8a2f1d
SHA1

2f43f5e6229269e807a3f704fc2b14a3efb4b239
SHA256

b974021df6a93a6cb5516b53b1a840a8bcb176d2bd46e7531447ada88f1b5aae
SHA512

1288e020366b7834cce1eddde539fcecb839498042cd016da49f48248e8663badd78239441634954121373cf012359b9853ad145b2d785690e7193e467299632
SSDEEP

6144:zDTZCatGyI+dze3BNgpVRM8+HKN3Yq4ZpAPeB0fkMzgGHh9F8oS:+yIoC3BNGZiAWB0sIhv8oS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10b4666855b3da6515c7ea9a5b8a2f1d_JaffaCakes118

Files

10b4666855b3da6515c7ea9a5b8a2f1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d5610a2dffc09cf2be6246e1673aeca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_CxxThrowException
sscanf
isdigit
strtol
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
strncat
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
realloc
strcpy
memmove
toupper
tolower
strtok
memcmp
strrchr
_strnicmp
strstr
rand
atol
atoi
_strlwr
strchr
strcat
_stricmp
strcmp
memset
malloc
fopen
free
fclose
fgets
strncpy
clock
srand
abs
_EH_prolog
__CxxFrameHandler
time
localtime
sprintf
fprintf
vsprintf
strlen
printf
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
__p___initenv

wsock32

recv
WSACleanup
WSAStartup
select
closesocket
htons
getservbyname
send
gethostname
ioctlsocket
gethostbyname
socket
setsockopt
connect
WSAGetLastError
inet_ntoa
getsockopt
htonl
ntohl

kernel32

GetLastError
OpenFile
_lclose
GetStdHandle
WriteFile
ReadFile
GetFileSize
GetFileType
CreateFileA
CloseHandle
GetVersionExA
lstrcpyA
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
GetProcAddress
FreeLibrary
LoadLibraryA
GetModuleHandleA
lstrcmpA
GetEnvironmentVariableA
lstrcmpiA
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
Sleep
lstrlenA
lstrcatA

user32

wsprintfA
CharNextA

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d5610a2dffc09cf2be6246e1673aeca

Headers

File Characteristics

Imports

msvcrt

wsock32

kernel32

user32

advapi32

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 7KB - Virtual size: 40KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 7KB - Virtual size: 40KB

.rsrc
Size: 1KB - Virtual size: 1KB