128a66b976fb962d0978c588ccd87b83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

128a66b976fb962d0978c588ccd87b83_JaffaCakes118
Size

248KB
MD5

128a66b976fb962d0978c588ccd87b83
SHA1

5ceafefe2c7b5d4b1cd5a56711c61e66bcddb155
SHA256

a9399076f6a53fc855b9f8ce21906eef9e1cbfbdc9d6923955fee5c041662c10
SHA512

234c5b5a860bb96ff54a8d84256bc88bb5726a78b3226106acb649e06a85dddff8a368a6c344c683ad6a4853df98082243a525d45dbd903814bed734b6933a53
SSDEEP

6144:XWjk0I1uiy0kPci6GNEXaQo2o1kBGrdkeoRK0M:XWCwiy0Up6GNI9o1kBGZkQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
128a66b976fb962d0978c588ccd87b83_JaffaCakes118

Files

128a66b976fb962d0978c588ccd87b83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fb77813956af564819ac02e2b0caa55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Cilerimaw\Pacogula\Uguxucabi\Ketyvywev.pdb

Imports

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize
OleSetContainedObject
OleUninitialize

ws2_32

WSAStartup
WSACleanup
getservbyname
htons
recv
send
recvfrom
getsockopt
WSAConnect
WSASocketA

kernel32

TlsFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetSystemInfo
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
GetLogicalDriveStringsA
SetTapePosition
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fb77813956af564819ac02e2b0caa55

Headers

File Characteristics

PDB Paths

Imports

ole32

ws2_32

kernel32

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 76KB - Virtual size: 163KB

.tls Size: 4KB - Virtual size: 112B

.rsrc Size: 4KB - Virtual size: 808B

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 76KB - Virtual size: 163KB

.tls
Size: 4KB - Virtual size: 112B

.rsrc
Size: 4KB - Virtual size: 808B