6a48e8cccb7329f9c95f89c498a1fce5_JaffaCakes118

General

Target

6a48e8cccb7329f9c95f89c498a1fce5_JaffaCakes118
Size

806KB
MD5

6a48e8cccb7329f9c95f89c498a1fce5
SHA1

65a0fdb5d1b2f21351e0496750e4e55ea84722b7
SHA256

f604b972e8ec75aa109c2ede0c612c363f0d65aa3af572ce7779f775c908934d
SHA512

dd11a012dfb421d78df75a866592c5ac77b41957fec9969072c256f3a82bb2e8472f49c5d78c2ddc295659e0813a3c9fcdaf4fc0f1781e0237d11921c9ca5c15
SSDEEP

24576:OYmNanf1wUjy6RJFVnE9WESh0gfOWsBI:6UWEntmSCgWWsBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a48e8cccb7329f9c95f89c498a1fce5_JaffaCakes118

Files

6a48e8cccb7329f9c95f89c498a1fce5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23fb1bf892a41fb208b830541176e9b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

rastapi

PortCompressionSetInfo

rasman

RasPortEnumProtocols
IsRasmanProcess
RasActivateRoute
RasActivateRouteEx
RasAddConnectionPort
RasAddNotification
RasAllocateRoute
RasBundleClearStatistics
RasBundleClearStatisticsEx
RasBundleGetPort
RasBundleGetStatistics
RasBundleGetStatisticsEx
RasCompressionGetInfo
RasCompressionSetInfo
RasConnectionEnum
RasConnectionGetStatistics
RasCreateConnection
RasDeAllocateRoute
RasDestroyConnection
RasDeviceConnect
RasFindPrerequisiteEntry
RasFreeBuffer
RasPortGetProtocolCompression
RasGetCalledIdInfo
RasGetConnectInfo
RasGetConnectionParams
RasGetConnectionUserData
RasGetEapUserInfo
RasGetFramingCapabilities
RasGetHConnFromEntry
RasGetHportFromConnection

kernel32

Module32FirstW
FreeConsole
GetSystemDirectoryA
OpenProfileUserMapping
IsBadCodePtr
GetTapeParameters
ReleaseSemaphore
SearchPathW
SetCommState
CreateSemaphoreA
_lopen
Beep

oleaut32

SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex

lz32

LZRead

Sections

.text
Size: 30KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 746KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

23fb1bf892a41fb208b830541176e9b4

Headers

File Characteristics

Imports

rastapi

rasman

kernel32

oleaut32

lz32

Sections

.text Size: 30KB - Virtual size: 35KB

.rdata Size: 12KB - Virtual size: 14KB

.RSRC Size: 746KB - Virtual size: 748KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 30KB - Virtual size: 35KB

.rdata
Size: 12KB - Virtual size: 14KB

.RSRC
Size: 746KB - Virtual size: 748KB

.rsrc
Size: 5KB - Virtual size: 8KB