3f960c539c5696037846a1e6117fbde2_JaffaCakes118

General

Target

3f960c539c5696037846a1e6117fbde2_JaffaCakes118
Size

165KB
MD5

3f960c539c5696037846a1e6117fbde2
SHA1

48350a8e3ee59460e6c2ba9c1262badf7f6337cb
SHA256

1a30a352a65cf6ad2b9b8266617709672c777e58edaa625946d77aca427cd352
SHA512

654a2fa6ed126ffce3854043b17e4572ad9b6d47afd7b67faa562f37a210e130222a73b540aff4d705e137f2fdf3a4d2d0adc1dda13bf344ebd6dbd68e726f9b
SSDEEP

3072:5TTRrR+ukVyp+Yl/OleGLWaEKjwRGIVeKKaqi0lvzL7QWDy0viqD9I3eRph3:5vMy80/OwkWaE4wRGIJMRFfUcbviqqO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f960c539c5696037846a1e6117fbde2_JaffaCakes118

Files

3f960c539c5696037846a1e6117fbde2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6964f717e1caecfb68792e30175c69ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

mpr

WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetConnectionDialog
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify

kernel32

GetStartupInfoA
CreateProcessW
GetStartupInfoA
GetSystemTimeAsFileTime
SleepEx
Sleep
CreateProcessW
CreateProcessW
ReleaseMutex
SleepEx
ReleaseMutex
GetSystemTime
LoadLibraryExW
SleepEx
GetSystemTime
CreateFileA
GetSystemTimeAsFileTime
VirtualProtect
ReleaseMutex
ReadProcessMemory
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntA
GetBinaryTypeW
WriteProcessMemory
WaitForSingleObject
ReleaseMutex
SleepEx
GetSystemTime
ReadFile
WaitForSingleObject
GetSystemTime
LoadLibraryExW
CreateProcessW
GetStartupInfoW
ReleaseMutex
GetStartupInfoW
GetSystemTime
CreateProcessA
ReleaseMutex
Sleep
GetStartupInfoW
GetStartupInfoA
GetSystemTime

Sections

.text
Size: 4KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fic
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

2OD
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6964f717e1caecfb68792e30175c69ff

Headers

File Characteristics

Imports

mpr

kernel32

Sections

.text Size: 4KB - Virtual size: 1024KB

.data Size: 4KB - Virtual size: 4KB

Fic Size: 2KB - Virtual size: 4KB

2OD Size: 2KB - Virtual size: 4KB

.rsrc Size: 152KB - Virtual size: 151KB

.text
Size: 4KB - Virtual size: 1024KB

.data
Size: 4KB - Virtual size: 4KB

Fic
Size: 2KB - Virtual size: 4KB

2OD
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 152KB - Virtual size: 151KB