55c576f10978584cdb0edd8dc1c73b86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

55c576f10978584cdb0edd8dc1c73b86_JaffaCakes118
Size

229KB
MD5

55c576f10978584cdb0edd8dc1c73b86
SHA1

b4459e347b5b3a1d7b6a1d1d4307d58ef6218f4a
SHA256

edc68d0924fb1357e5a56bf57333b2416cfdf00cda69e9a154419f5e512c210d
SHA512

9c6483a3d2d6fed55574350e9251ce7afc08f4324aa44a2f9e4b5a919dedff7dd7b8d56db8d056804af1a949a4ddf0b2c7b182d8b0b4163b4759c22127ef67d1
SSDEEP

3072:XulDs1gRQdNt+PXT1ujBs32Ni6lkZWt4k6sc4Ei:X4s1AQvt+/MBy2NxlpLbt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55c576f10978584cdb0edd8dc1c73b86_JaffaCakes118

Files

55c576f10978584cdb0edd8dc1c73b86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34f5325f83913c8ffacaad12eb979bd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
connect
WSACleanup
WSAStartup
setsockopt
ioctlsocket
htons
bind
listen
accept
recv
closesocket
socket
send
select
__WSAFDIsSet

kernel32

MapViewOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
Sleep
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
ExitProcess
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
GetTimeFormatA
GetDateFormatA
GetFileSize
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
ReadFile
SetFilePointer
DeleteFileA
OpenProcess
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetModuleHandleA
WaitForSingleObject
CreateMutexA
TerminateThread
GetTempPathA
MoveFileA
LoadLibraryA
GetProcAddress
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetCurrentProcess
TerminateProcess
lstrcmpiA
GetLocaleInfoA
GetVersionExA
GetLogicalDrives
WaitForMultipleObjects
CreatePipe
DuplicateHandle
GenerateConsoleCtrlEvent
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatus
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34f5325f83913c8ffacaad12eb979bd1

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 53KB - Virtual size: 425KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 18KB - Virtual size: 36KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 53KB - Virtual size: 425KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 18KB - Virtual size: 36KB