f10a7c449bd2c2ed6aeb0af3b4f22179_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f10a7c449bd2c2ed6aeb0af3b4f22179_JaffaCakes118
Size

21KB
MD5

f10a7c449bd2c2ed6aeb0af3b4f22179
SHA1

d8560d51ef513c8187b7f005dac81a5552af8bb2
SHA256

bfb8087c32b58e56e8c0b8e2e34e749404119bd865f5f69206edb7b383f83aec
SHA512

fca340a1d52d9262f5663bcb46ba940f48ff70cb95e38594d0f2e2543857d6682914bd647fdf4dff171c4801ae599ac42d1c288d3059c51ced22ec3b16fc99c9
SSDEEP

384:bO4nCPJMDuMryqgKaDRI85LdwOEdm68+5hEvQVAXB0V0kf0OqQ1ZmpkHopE6S4w:bOTJMHylBI8JRML8+5SvziF1KDE6S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f10a7c449bd2c2ed6aeb0af3b4f22179_JaffaCakes118

Files

f10a7c449bd2c2ed6aeb0af3b4f22179_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9caade4f3d8032020f029bc08a62cfe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

GlobalAlloc
GetDriveTypeA
GetFileSize
CloseHandle
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentDirectoryA
lstrlenW
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GetLocalTime
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetDiskFreeSpaceA

user32

ReleaseDC
GetDC
wsprintfA

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreateVector

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
GetUserNameA

shlwapi

StrCmpNA
StrRChrA
StrChrA
StrStrIA

wsock32

closesocket
socket
send
recv
gethostname
connect
WSAStartup

ws2_32

WSAIoctl

rasapi32

RasGetEntryDialParamsA
RasEnumEntriesA
RasGetEntryPropertiesA

gdi32

GetDeviceCaps

Sections

Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nah
Size: 194B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9caade4f3d8032020f029bc08a62cfe7

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

wsock32

ws2_32

rasapi32

gdi32

Sections

Size: 14KB - Virtual size: 13KB

Size: 2KB - Virtual size: 2KB

Size: 3KB - Virtual size: 185KB

.nah Size: 194B - Virtual size: 512B

.nah
Size: 194B - Virtual size: 512B