266c2df022f4fefd6b1923b2707abb2c_JaffaCakes118

General

Target

266c2df022f4fefd6b1923b2707abb2c_JaffaCakes118
Size

39KB
MD5

266c2df022f4fefd6b1923b2707abb2c
SHA1

b5287a0a43d97c1ecb73e30f8b12cf98d70f556d
SHA256

61b68d49bd9024c9011bbbd662c2a4b93f1b91068eb078ac77845002303fcb13
SHA512

4eab5e25329005975069c0d3b4a259b215bda32c7d38c8313a3a97f83a553c237a73f87a945eace15a49e5eee386d6316dc9d46d11c53bdad6f0727c6b15c5d2
SSDEEP

384:maaBnqOWETDqK+LFxrkeeQKbb5PF5Ywpa4rfnGRthJWx+ZdsxDwA7nWvUWTF70wD:mxxBDwBDeQqb5PF5YwpXfGRYgSQNF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266c2df022f4fefd6b1923b2707abb2c_JaffaCakes118

Files

266c2df022f4fefd6b1923b2707abb2c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

28d5eab7671abed1c4b81313cd0d1224

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wsock32

setsockopt
send
accept
listen
__WSAFDIsSet
ioctlsocket
socket
bind
htons
connect
getsockname
select
recv
ord1108
gethostname
gethostbyname
shutdown
closesocket
WSAStartup
getservbyname

user32

CharToOemA

msvcrt

clearerr
putchar
gets
fflush
longjmp
exit
_setjmp3
_unlink
fclose
atoi
strchr
printf
free
tolower
fgets
_tempnam
getenv
_getcwd
_errno
_chdir
_chdrive
toupper
islower
fscanf
strncat
fopen
_write
fprintf
vsprintf
vfprintf
isdigit
_read
clock
_fstat
_pclose
_popen
_fsopen
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__iob
_isatty
strncpy
tmpnam
sprintf

advapi32

RegOpenKeyExA
RegQueryValueExA
GetUserNameA
RegCloseKey

kernel32

WaitForSingleObject
SetConsoleMode
WriteFile
Sleep
GetProcessHeap
HeapAlloc
HeapFree
GetEnvironmentVariableA
GetConsoleMode
ReadFile
CloseHandle
FindFirstFileA
FindNextFileA
FormatMessageA
LocalFree
GetLastError
LocalAlloc
GetCurrentDirectoryA
CreateProcessA
GetModuleHandleA
CreateFileA
SetConsoleCtrlHandler

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28d5eab7671abed1c4b81313cd0d1224

Headers

File Characteristics

Imports

wsock32

user32

msvcrt

advapi32

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 18KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 18KB

.rsrc
Size: 7KB - Virtual size: 7KB