01cb2527e33828e4acb2bd306a941c5d_JaffaCakes118

General

Target

01cb2527e33828e4acb2bd306a941c5d_JaffaCakes118
Size

9KB
MD5

01cb2527e33828e4acb2bd306a941c5d
SHA1

95772d1b4cadb0b9860569bf5d6ae570baf9e796
SHA256

ed24bbd4443c87a53659799e96421d83cd25f97fbdc38ffffd2d084df092d84c
SHA512

c1946137d019a70a78a7b04e5c7ded952f1ebb2aecdc3ef854d976cd693d87c185062bf681acaaf8518acdc86e5c1bef338d7e6ef327ad31d631854fc192bc7f
SSDEEP

192:wM0VBFsmjT2t8gsAL/dDmX57hsf7/7Z2r+c2oTjV:w3FsmjVA56XRhI7/7Z2Cc2o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01cb2527e33828e4acb2bd306a941c5d_JaffaCakes118

Files

01cb2527e33828e4acb2bd306a941c5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b876c98aa7c418bbdd98c95809946b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegCloseKey

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateMutexA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
OpenMutexA
ReadFile
RtlZeroMemory
SetFileAttributesA
WinExec
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

SetTimer
CallNextHookEx
CreateWindowExA
DefWindowProcA
DispatchMessageA
FindWindowA
FindWindowExA
GetAsyncKeyState
GetForegroundWindow
GetMessageA
GetWindow
KillTimer
PostQuitMessage
RegisterClassExA
SendMessageA
SetWindowsHookExA
TranslateMessage
UnhookWindowsHookEx

wsock32

connect
WSACleanup
WSAGetLastError
WSAStartup
closesocket
WSAAsyncSelect
htons
inet_addr
send
socket

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b876c98aa7c418bbdd98c95809946b7

Headers

File Characteristics

Imports

advapi32

kernel32

user32

wsock32

Sections

.text Size: 5KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: - Virtual size: 716B

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: - Virtual size: 716B

.rsrc
Size: 1024B - Virtual size: 4KB