98098e71b213d3471e49343b0f01a59c_JaffaCakes118

General

Target

98098e71b213d3471e49343b0f01a59c_JaffaCakes118
Size

35KB
MD5

98098e71b213d3471e49343b0f01a59c
SHA1

e2669ff97f946179f7c0a86ecf8fb336cdbe0ca7
SHA256

8bb2875cb907d49adfdd111a508f63a5cfd97e13129a6c3cc8845993abf392f9
SHA512

55cb4ca334a82547c4a05b34cfe2df6d25ac8405f16f8f64c17ba2bae92dff0b11b141332d383daf5d8db5988132da097e688496d5376745673ebdcc7ec83425
SSDEEP

768:DoQyXXEcU7vLyZ6RMMggd7mADjSYCv/UPnkrLlm/:DoQyXX96y1SdjSYCXOH/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98098e71b213d3471e49343b0f01a59c_JaffaCakes118

Files

98098e71b213d3471e49343b0f01a59c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetTickCount
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
SetFilePointer
WriteFile
CreateFileA
SetPriorityClass
LoadResource
FindResourceA
EnumResourceNamesA
WaitForSingleObject
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
ExitThread
GetStartupInfoA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
Sleep
CreateThread
LoadLibraryA
LockResource
GetProcAddress
GetModuleHandleA
CreateProcessA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
WSAStartup
inet_ntoa
select
recv
setsockopt
WSAIoctl
socket
connect
htonl
send
WSACleanup
__WSAFDIsSet
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcrt

sprintf
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
wcscpy
realloc
malloc
strlen
atoi
strncpy
strcspn
memset
strstr
strcpy
exit
memcpy
localtime
time
free

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

shlwapi

iphlpapi

netapi32

msvcrt

Sections

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 4KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 4KB