535edcaf5e520daff7bcfdf7ffda8193_JaffaCakes118

General

Target

535edcaf5e520daff7bcfdf7ffda8193_JaffaCakes118
Size

65KB
MD5

535edcaf5e520daff7bcfdf7ffda8193
SHA1

177c6693b4ec43e0c215eb79b88fc7368cf22a31
SHA256

64c097103118d7cd7c16a7c2f61fd1a383f9d92d7f0daaebfe25455aedb6e7db
SHA512

98e976adc610d77b020eefdac1e938dcc17fc927c0616e66a063743540a17a84b0fcdb7206fdf5b261163cf45fe8afb2a9344705b1e2c762e64b740198682e54
SSDEEP

1536:nwylNkuZ//sCn/ntyjtp321PTd8ZqbXt7OtP6cnNM:/ku1l/nIjf3L6d7OtP3nO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
535edcaf5e520daff7bcfdf7ffda8193_JaffaCakes118

Files

535edcaf5e520daff7bcfdf7ffda8193_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c268c3535880d69c895168ca0239164

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTickCount
TerminateProcess
ReadFile
WriteFile
CreateProcessA
CloseHandle
CreatePipe
GetProcAddress
LoadLibraryA
GetDriveTypeA
GetLogicalDrives
SetFilePointer
GetFileSize
GetLastError
CreateFileA
CopyFileA
GetEnvironmentVariableA
ExitProcess
GetModuleFileNameA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement

ws2_32

gethostname
send
select
__WSAFDIsSet
inet_addr
gethostbyname
recv
setsockopt
socket
htons
bind
closesocket
connect
WSASetLastError
WSAStartup
WSACleanup

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c268c3535880d69c895168ca0239164

Headers

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 5KB - Virtual size: 5KB