Static task: static1
Behavioral task: behavioral1
Sample: 432765a338db063b00cd6792f464f2d0_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 432765a338db063b00cd6792f464f2d0_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 432765a338db063b00cd6792f464f2d0_JaffaCakes118
Size: 88KB
MD5: 432765a338db063b00cd6792f464f2d0
SHA1: 862a0f6e4fc241e615b1feba0a91052c061638b1
SHA256: d8f4bd424e1913e865f6dc0aa398df5bf6497b4552f752f08486f2fcfd17f539
SHA512: 9e6a7a789b23269de3d5c2f339dacbc2a2b887d5f66c23ad008ee7adf1059c3b4051e9f09c15c9d3274c1b23265823e3542186f2e814d6e44ab609f8333c3703
SSDEEP: 768:9vAp1t17tP/1yT1p8HD3maxIdkzc1dWrpFjNN9thZnC8wm9VoEEEwu7YEyFoXC:9vAp1t17tXgT1iDvKaz9tznGmftmoy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 432765a338db063b00cd6792f464f2d0_JaffaCakes118
Files
432765a338db063b00cd6792f464f2d0_JaffaCakes118.exe windows:4 windows x86 arch:x86
dd62f2204876081ab2fae9d4b0ed5d23
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
inet_addr
gethostbyname
closesocket
recv
WSACleanup
WSAGetLastError
WSAStartup
socket
htons
connect
send
WSAAsyncSelect
kernel32
CloseHandle
UnmapViewOfFile
GetCurrentProcess
GetVersionExA
ExitProcess
CreateProcessA
CopyFileA
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetLocalTime
WriteFile
CreateFileA
ResumeThread
CreateThread
MapViewOfFile
GetTempPathA
WinExec
SetCurrentDirectoryA
GlobalMemoryStatus
GetComputerNameA
SetFileAttributesA
VirtualAlloc
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
GetLastError
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
LocalFree
FreeLibrary
LoadLibraryA
GetProcAddress
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
ReadFile
SetStdHandle
ExpandEnvironmentStringsA
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
TerminateProcess
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
user32
DefWindowProcA
ExitWindowsEx
PostQuitMessage
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
advapi32
GetSecurityInfo
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
RegRestoreKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
SetEntriesInAclA
SetSecurityInfo
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE