ea7aee16b686297b2fef744887fd288c_JaffaCakes118

General

Target

ea7aee16b686297b2fef744887fd288c_JaffaCakes118
Size

12KB
MD5

ea7aee16b686297b2fef744887fd288c
SHA1

bc8c23ee6af97703ec0985de490df99269ecb602
SHA256

19ea2f9373069ca2358d12d76ae6d832c1e37aad876bb17ccd8512d8131be029
SHA512

6a3802d52ae55f4d9a79f52e363e93b1f2f466096b7b8b9d3dbf4bed2ba15378cf867e15a315b15f26012ca7382b059fc3dcb535541e511c0777e4ad765dc27c
SSDEEP

384:l800rX8dc3hD1xtfmd/9/RBhD15ZBbfUJCdC64bHQ:Uoc3DLc/9DbZBNAFb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea7aee16b686297b2fef744887fd288c_JaffaCakes118

Files

ea7aee16b686297b2fef744887fd288c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d966bfcc005cfb21a6ba09a94fcaa920

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance

kernel32

LocalFree
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameA
CloseHandle
CreateFileA
CreateFileMappingA
CreateThread
ExitProcess
ExitThread
GetComputerNameA
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
ReadFile
MultiByteToWideChar
MapViewOfFile
GetProcAddress
LocalAlloc
LoadLibraryA
GlobalFree
GlobalAlloc
GetVolumeInformationA
GetVersionExA
GetCurrentProcess

user32

ReleaseDC
wsprintfA

oleaut32

SafeArrayUnaccessData
SysAllocString
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SysFreeString

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
GetUserNameA

shlwapi

StrStrIA

wsock32.dl

ord23
ord22
ord19
ord18
ord16
ord13
ord9
ord8
ord6
ord57
ord52
ord4
ord3
ord2
ord1
ord151
ord115
ord116

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FCryptor
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d966bfcc005cfb21a6ba09a94fcaa920

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

wsock32.dl

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 152KB

FCryptor Size: 512B - Virtual size: 4KB

wsock32.dl

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 152KB

FCryptor
Size: 512B - Virtual size: 4KB