3b6ea3dda2f70ab3039bcfa31c06f88e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b6ea3dda2f70ab3039bcfa31c06f88e_JaffaCakes118
Size

460KB
MD5

3b6ea3dda2f70ab3039bcfa31c06f88e
SHA1

c52d47ed48d0e8c81161e639fe6a67f74ab4541e
SHA256

6df8f32d1fdec826ae6925486a18f6e2e3ecbf1e35197c3a4757296691e0e703
SHA512

50a8b5c9fae2bf5a3708486e9fc2f63aeb4e021aaf2fdbbfc593195897ec8209340522422b76c58a6e9a73a1b049d78b139af221f9e5bea5d62a93848c930b56
SSDEEP

3072:701T755JjCNsuzqG13TnqNN/i4YSbJfJ/szoN00BKyjreO:70PxgsuLGr/oLc00Bpj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6ea3dda2f70ab3039bcfa31c06f88e_JaffaCakes118

Files

3b6ea3dda2f70ab3039bcfa31c06f88e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc2a2f1131b1f08936968ae342b62782

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
WSASocketA
getsockopt
WSACleanup
WSAStartup
setsockopt
ioctlsocket
bind
listen
accept
inet_addr
htons
connect
recv
closesocket
socket
send
select
__WSAFDIsSet

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

QueryPerformanceCounter
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
WideCharToMultiByte
SetFilePointer
Sleep
MultiByteToWideChar
CloseHandle
WriteFile
TransactNamedPipe
CreateFileA
GetModuleFileNameA
GetLastError
CreateThread
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryA
GetProcAddress
GetModuleHandleA
FormatMessageA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
CreateProcessA
ExpandEnvironmentStringsA
SetFileAttributesA
GetFileAttributesA
GetTempPathA
GetVersionExA
CopyFileA
GlobalMemoryStatus
GetTimeFormatA
GetDateFormatA
GetSystemDirectoryA
QueryPerformanceFrequency
GetLocalTime
ExitProcess
DeleteFileA
OpenProcess
GetCurrentProcessId
WaitForSingleObject
CreateMutexA
lstrcmpiA
GetCurrentProcess
TerminateProcess
GetLocaleInfoA
TerminateThread
HeapAlloc
HeapFree
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RaiseException
HeapSize
ReadFile
SetHandleCount
GetStdHandle
GetFileType

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 354KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc2a2f1131b1f08936968ae342b62782

Headers

File Characteristics

Imports

ws2_32

version

kernel32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 354KB - Virtual size: 375KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 354KB - Virtual size: 375KB