4485421677888f68be290bd59b7a175b_JaffaCakes118

General

Target

4485421677888f68be290bd59b7a175b_JaffaCakes118
Size

30KB
MD5

4485421677888f68be290bd59b7a175b
SHA1

cc09f6114deed2687a0416bcb109f5c56b8280fe
SHA256

6b3630c952efe2a884d7df67443e66223d48bdf850df3e32d5c03703f12b42ee
SHA512

e59ac7361494fde471fff2efe06828b647ac19a19f8593410e077df2bd679408ebc57698cde7548596b9aba0a2a4af022e3762948ccf5d455f796b63feb5f2e5
SSDEEP

768:ZacBU7n1gtXVHHsj5jw7CTmihYcDsekx4i+htfF:ZSnI5Mj5jo8LTDc+htfF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4485421677888f68be290bd59b7a175b_JaffaCakes118

Files

4485421677888f68be290bd59b7a175b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d6889844a9c8d82ce4d68209d8cf3af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
LoadLibraryW
MultiByteToWideChar
FreeLibrary
WideCharToMultiByte
WriteFile
GetProcAddress
GetStartupInfoW
CloseHandle
HeapFree
QueryPerformanceCounter
UnhandledExceptionFilter
VirtualFree
VirtualAlloc
GetVersion
GetCommandLineA
GetModuleHandleA
HeapReAlloc
HeapAlloc
FormatMessageA
GetFileType
ExitProcess
Sleep
CreateFileA
ReadFile
GetTickCount
GetStartupInfoA

user32

TranslateMessage
PostQuitMessage
DispatchMessageW

advapi32

RegOpenKeyExW
CreateServiceW
DeleteService
GetTokenInformation
LookupPrivilegeValueA
RegSetValueExA
RegCloseKey
RegQueryValueExW

ws2_32

ioctlsocket
listen
ntohl
WSACleanup
select
recv
send
socket
WSAStartup
inet_ntoa

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
realloc
free
malloc
strcat
strcmp
strchr
_exit
_XcptFilter

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d6889844a9c8d82ce4d68209d8cf3af

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

msvcrt

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 123KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1024B - Virtual size: 784B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 123KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1024B - Virtual size: 784B