46852d2aeeb6f48b7fb3cf866a0526cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46852d2aeeb6f48b7fb3cf866a0526cc_JaffaCakes118
Size

230KB
MD5

46852d2aeeb6f48b7fb3cf866a0526cc
SHA1

1f5d256087ac40d834c65c6e9830b8616a1dad19
SHA256

e05c725db88518a7087cea7731a1cb02ba29554d1465c7cadad7ffaf43ec3d7d
SHA512

46a09a8ffc7a2eff8d3f234a88910aeb260852446284cc00337fd5e413a0d3a4a66ee350d797860497b61ccee59bcded520255d15791863a411cd9519f5f2af8
SSDEEP

3072:tulDs1gRQdNt+PXT1ujBs32Ni6lkZWt4k6sc4U:t4s1AQvt+/MBy2NxlpLbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46852d2aeeb6f48b7fb3cf866a0526cc_JaffaCakes118

Files

46852d2aeeb6f48b7fb3cf866a0526cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34f5325f83913c8ffacaad12eb979bd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
htons
bind
listen
accept
recv
closesocket
socket
send
select
__WSAFDIsSet

kernel32

MapViewOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
Sleep
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
ExitProcess
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
GetTimeFormatA
GetDateFormatA
GetFileSize
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
ReadFile
SetFilePointer
DeleteFileA
OpenProcess
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetModuleHandleA
WaitForSingleObject
CreateMutexA
TerminateThread
GetTempPathA
MoveFileA
LoadLibraryA
GetProcAddress
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetCurrentProcess
TerminateProcess
lstrcmpiA
GetLocaleInfoA
GetVersionExA
GetLogicalDrives
WaitForMultipleObjects
CreatePipe
DuplicateHandle
GenerateConsoleCtrlEvent
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatus
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34f5325f83913c8ffacaad12eb979bd1

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 53KB - Virtual size: 425KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 19KB - Virtual size: 40KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 53KB - Virtual size: 425KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 19KB - Virtual size: 40KB