JaffaCakes118_0476649343fa393b6229a069742cce62

General

Target

JaffaCakes118_0476649343fa393b6229a069742cce62
Size

133KB
MD5

0476649343fa393b6229a069742cce62
SHA1

1ef55eba1030fd41109d2f3bdc550b2434d7ad46
SHA256

e4ce036da7c659bbca369d433038b17cc09d1cad0efd09c65c8cf6c27c844f2a
SHA512

fb0c26b8b19b1e978a1f55668c4562c91b777f58f146f89532989da75b1e4bf6969fa7554c08a07bac38092647334c6136654f6ea878cf1ae5ef53e1359c8ccb
SSDEEP

3072:pwWTgyslEG/cXo/QZte67g9Nch9kxfkAEnwIFdxlLAbX9JH7s:eWcy20XxZte6och9kZfETFrlLAbtJH7s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0476649343fa393b6229a069742cce62

Files

JaffaCakes118_0476649343fa393b6229a069742cce62
.exe windows:4 windows x86 arch:x86

bb2ccc249e103bcfdce33cb7ab4b6b2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\K\K.pdb

Imports

ws2_32

inet_addr
htonl
recv

kernel32

HeapFree
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetProcAddress
LoadLibraryA
LockResource
SizeofResource
LoadResource
FindResourceA
GetSystemTime
ExitProcess
GetLastError
HeapReAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
GetSystemInfo
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2ccc249e103bcfdce33cb7ab4b6b2d

Headers

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 105KB - Virtual size: 104KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 105KB - Virtual size: 104KB