5355259240d12148f5c2dd1a929a9e23_JaffaCakes118

General

Target

5355259240d12148f5c2dd1a929a9e23_JaffaCakes118
Size

21KB
MD5

5355259240d12148f5c2dd1a929a9e23
SHA1

5c7a715ab6f84a0729a05d725bc107c8847b3258
SHA256

1434240cae30882a6e695cdfc4b100ae4aa2fdf34978de9933b5b595d93cc075
SHA512

17aa63190a1e623ef40256c7a0b44a358b697da006651cefa69b058f446e63c249e80317131b1c8e01a76f2a6a2bcd1757cd95a30a4be2c70179a1ece9c0bbb2
SSDEEP

384:49Qd8vx769Cs7/c4M8/4+Q0iuRdFUZNxIlmnit1hFWOUERaWpTf8ZW+rUwI8X:y/964s7/7McLiu04mit1DrWZW+2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ACAA6E73C508C67EAB2A7758697092A6.EXE

Files

5355259240d12148f5c2dd1a929a9e23_JaffaCakes118
.rar
ACAA6E73C508C67EAB2A7758697092A6.EXE
.exe windows:4 windows x86 arch:x86

fe1117082e2fca28805ffd3683394439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

packet

PacketCloseAdapter
PacketGetAdapterNames
PacketOpenAdapter
PacketAllocatePacket
PacketSetNumWrites
PacketSetHwFilter
PacketSetBuff
PacketSetReadTimeout
PacketInitPacket
PacketReceivePacket
PacketSendPacket
PacketFreePacket

kernel32

GetEnvironmentVariableA
LCMapStringW
LCMapStringA
SetStdHandle
CloseHandle
SetFilePointer
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
GetACP
GetVersion
CompareStringW
CompareStringA
GetCPInfo
MultiByteToWideChar
FlushFileBuffers
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
GetModuleHandleA
GetModuleFileNameA
ReadFile
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
WriteFile
GetLastError

ws2_32

htonl
htons
ntohs
ntohl

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe1117082e2fca28805ffd3683394439

Headers

File Characteristics

Imports

packet

kernel32

ws2_32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 17KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 17KB