e29e9d1a9101734d5e7b36bff1dee3d4_JaffaCakes118

General

Target

e29e9d1a9101734d5e7b36bff1dee3d4_JaffaCakes118
Size

22KB
MD5

e29e9d1a9101734d5e7b36bff1dee3d4
SHA1

ef9aa452215c62a46a644da39c86be0afce174d7
SHA256

79163e8bcbaa07d7cc53361f46793a9d69858d552e673120f2bea3ad65392d4e
SHA512

9fcd797633e6b3b185361bbb4e6c9575fcf44b025047fc7acbbc7760194ec0a9d9c70492878a888dda722343dd88e1bd3c709f3fdf743807cc3b2bf83d182128
SSDEEP

384:9wTvgTAoNIgTqakwFtx4sif9nf/oWJ/LP4peFW9NvtLTxV6:9wDM9N/THkwB4T9ft5gpeg93K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e29e9d1a9101734d5e7b36bff1dee3d4_JaffaCakes118

Files

e29e9d1a9101734d5e7b36bff1dee3d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29c05319ba654c456d1ee9f2b84d3061

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcmpiA
GlobalAlloc
ReadFile
PeekNamedPipe
Sleep
CreateProcessA
GetStartupInfoA
CreatePipe
CreateFileA
GetModuleFileNameA
WinExec
GetTickCount
CreateDirectoryA
GetCommandLineA
GetLastError
CreateMutexA
GetCurrentThreadId
DeviceIoControl
GetVersionExA
GetModuleHandleA
WriteFile
CloseHandle
DeleteFileA
LoadLibraryA
GetProcAddress

user32

GetInputState
PostThreadMessageA
GetMessageA
LoadCursorA
CopyIcon
MessageBoxA
SetSystemCursor

advapi32

RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
strlen
strcpy
sprintf
memset
printf
strcat
memcpy
strstr
getchar
exit
fclose
fopen
strncpy
fread
fseek
__CxxFrameHandler
fscanf
remove
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_strlwr

iphlpapi

GetAdaptersInfo

ws2_32

inet_addr

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

msvcirt

??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@PBD@Z
?cout@@3Vostream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z

Sections

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29c05319ba654c456d1ee9f2b84d3061

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

iphlpapi

ws2_32

wininet

msvcirt

Sections

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 4KB