Static task
static1
Behavioral task
behavioral1
Sample
3d91d1effbc5a2050bb92bbe2f752bc8_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3d91d1effbc5a2050bb92bbe2f752bc8_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3d91d1effbc5a2050bb92bbe2f752bc8_JaffaCakes118
-
Size
88KB
-
MD5
3d91d1effbc5a2050bb92bbe2f752bc8
-
SHA1
b0b7f532c995294d2f76b63f6bca0a66fbb2f01c
-
SHA256
02d904bbf2745fb388ca9bedc02084a1366942e2baa19fa21cd2fc71f2c9e95b
-
SHA512
b1b9d42b92723fe4b2c086763ab2df3b4f3907104a2f2dc5831d27b62603860d6cbbbcab93c278f6fda253f7033ad8dc5b611e7ae77ad1f138d3cb2651b7c866
-
SSDEEP
1536:8LAw5C0tckJaPPsqdrSFPgbyq1GVYDm0z8x0Z2yfE46ibAhP67boRO:Jw5CSXaPPfrS5gbyoGVYK0z40Z2KANRO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
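Checks for a missing Authenticode signature: this PE file is unsigned. On its own this is a weak indicator, since many legitimate programs are also unsigned; weigh it together with the other static findings.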
resource 3d91d1effbc5a2050bb92bbe2f752bc8_JaffaCakes118
Files
-
3d91d1effbc5a2050bb92bbe2f752bc8_JaffaCakes118.exe windows:4 windows x86 arch:x86
9f77a32e43e0d89c7d83f48440d41082
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAStartup
gethostbyname
htons
connect
recv
shutdown
accept
listen
bind
socket
send
closesocket
WSACleanup
kernel32
GetTempFileNameA
SetErrorMode
CreateMutexA
GetStartupInfoA
GetModuleHandleA
LocalFree
GetLastError
ExitProcess
GetTickCount
lstrcmpA
lstrcpynA
GlobalAlloc
CreateThread
lstrlenA
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
GetVolumeInformationA
GetModuleFileNameA
GetTempPathA
MoveFileExA
Sleep
CreateProcessA
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
user32
wsprintfA
IsCharAlphaNumericA
msvcrt
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_strdup
_unlink
strcpy
__p__commode
_adjust_fdiv
__setusermatherr
sprintf
atoi
fclose
ftell
fseek
fopen
toupper
fread
_strcmpi
calloc
_except_handler3
malloc
fwrite
fputs
strlen
strcat
rand
strstr
strrchr
strcmp
memset
strtok
free
__CxxFrameHandler
_EH_prolog
srand
__argv
__argc
_CxxThrowException
??3@YAXPAX@Z
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
oleaut32
GetErrorInfo
Sections
.bss Size: - Virtual size: 146KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE