16e094baeadd5b00a859510c19f42a90_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

16e094baeadd5b00a859510c19f42a90_JaffaCakes118
Size

60KB
MD5

16e094baeadd5b00a859510c19f42a90
SHA1

5f786242895d2f1bcf6072b170919cde2216ae3b
SHA256

0dc118c920e795c36cfa39182d9313008855c37fd8c7d7f1151a0ea42a26b7bd
SHA512

7f2a8cd04970c944ed2f918525ebd0f3e780cc74e407ebf432fe9472d91fff6a2a440a0664e24fe658e55d9147676cc5baf6ea191e5052428e918f743d359733
SSDEEP

768:trPJ69pG0z0QWif+31Dbv0C35m0e7nFIo3+NYOh6bxHtGo:trPJ0z0/wK5lezeou96ltG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16e094baeadd5b00a859510c19f42a90_JaffaCakes118

Files

16e094baeadd5b00a859510c19f42a90_JaffaCakes118
.dll windows:4 windows x86 arch:x86

acbdfc8c97935cc9cf4ca339a09fe9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
socket
gethostbyname
htons
bind
connect
gethostname
closesocket
inet_ntoa
WSACleanup
send
recv

kernel32

GetModuleFileNameA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
CompareStringW
GetLastError
ExitThread
WriteFile
SleepEx
ReadFile
PeekNamedPipe
ExitProcess
TerminateProcess
TerminateThread
WaitForMultipleObjectsEx
CreateProcessA
GetStartupInfoA
CreateThread
CreatePipe
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
GetFileAttributesA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
InitializeCriticalSection
GetExitCodeProcess
WaitForSingleObject
CloseHandle
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapSize
MultiByteToWideChar
GetLocaleInfoA
CompareStringA

Exports

Exports

exec
netcat

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acbdfc8c97935cc9cf4ca339a09fe9dc

Headers

File Characteristics

Imports

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 4KB - Virtual size: 3KB