94bd762a96089f811eeaeb6f40a9e7dc_JaffaCakes118

General

Target

94bd762a96089f811eeaeb6f40a9e7dc_JaffaCakes118
Size

335KB
MD5

94bd762a96089f811eeaeb6f40a9e7dc
SHA1

4347f5f62d41e1652f3d6cc20bf6398f5a78f5d9
SHA256

c7a773eeb99ea1171dd6f9d54707c8faa532143a085181a80a96aa32080f7876
SHA512

af195cdb53b9658d321edff4af280823e0b21ef09e9ed901d246fdf5b420495e456b137a0a3f75b49f5bd89e6d6baab11701861df16a486f363610cca9cc62ed
SSDEEP

6144:vlDTSNsJsYtP0XVDP2j7h+dXM2DAv65gy0xBEXnXjR6k356Yr7QB:vhoitQVrTXoNx0T35tAB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94bd762a96089f811eeaeb6f40a9e7dc_JaffaCakes118

Files

94bd762a96089f811eeaeb6f40a9e7dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ff7f8b425fa6f88215f03f49da64608b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
GetDeviceCaps
CreateCompatibleBitmap
GetBitmapBits
BitBlt
CreateDCA
GetObjectA
SelectObject
CreateCompatibleDC
DeleteDC

kernel32

GetCurrentThreadId
GetFileType
CloseHandle
FreeLibrary
FlushConsoleInputBuffer
GetThreadTimes
GlobalMemoryStatus
SetLastError
GetStdHandle
CreateMutexA
VirtualAlloc

user32

MessageBoxIndirectA

wsock32

recv
htonl
socket
ntohs
WSACancelBlockingCall
closesocket
gethostbyname
WSAGetLastError
bind
inet_ntoa
ntohl
WSACleanup
getsockopt
connect
htons
accept
WSASetLastError
WSAStartup
getservbyname
listen
send
shutdown
setsockopt

esent

JetCreateIndex
JetDupCursor
JetBeginExternalBackupInstance
JetCloseDatabase
JetOpenTempTable
JetReadFileInstance
JetGotoPosition
JetInit2
JetBeginTransaction2
JetDetachDatabase2
JetDefragment2
JetRegisterCallback
JetRetrieveKey
JetUpdate
JetGetDatabaseInfo
JetCreateInstance
JetGetLogInfoInstance
JetStopBackupInstance
JetGetDatabaseFileInfo
JetCloseFileInstance

rasadhlp

WSAttemptAutodialAddr

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 950KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff7f8b425fa6f88215f03f49da64608b

Headers

File Characteristics

Imports

gdi32

kernel32

user32

wsock32

esent

rasadhlp

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 308KB - Virtual size: 950KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 308KB - Virtual size: 950KB

.rsrc
Size: 5KB - Virtual size: 5KB