0a3d00713e6170b718c540599f635f13_JaffaCakes118

General

Target

0a3d00713e6170b718c540599f635f13_JaffaCakes118
Size

40KB
MD5

0a3d00713e6170b718c540599f635f13
SHA1

f019f96720540389b9e7206e208f666e7d4190e1
SHA256

4742e6a4a4103b3d1c68c43b57b8553909ff4459a2472f06b08e83980d136cd9
SHA512

f94a6a099f0eea9dd68b35fe99dacb0f1d669594762aa289672eaffa6fb85767138438d5b48290f345fc9b56f7f5c21d11402ca216f879c241911130286cb683
SSDEEP

384:kqqweEpHXXO8Py3ZzijOTKbdYM070Nh4SoommneecsdGHu5QsH4K9:kMHPy3ZzijOTKbdYENh41ecJHu5vHJ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a3d00713e6170b718c540599f635f13_JaffaCakes118

Files

0a3d00713e6170b718c540599f635f13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61fc47266a1bf711c2dde07aaedcf305

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
gethostbyname
inet_ntoa
inet_addr
gethostbyaddr
WSAStartup

netapi32

NetServerEnum
NetApiBufferFree

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

kernel32

GetVersionExA
ReadProcessMemory
OpenProcess
GetLocalTime
GetTickCount
GetDiskFreeSpaceExA
GetDriveTypeA
GetLastError
CloseHandle
GetCurrentProcess
GetProcAddress
GetModuleHandleA
Sleep
ReleaseMutex
WaitForSingleObject

mfc42

ord1105

msvcrt

fopen
__p__fmode
fclose
fputs
exit
_except_handler3
printf
strcpy
sprintf
memset
free
malloc
wcstombs
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__set_app_type
_controlfp

advapi32

OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
CloseServiceHandle
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
QueryServiceConfigA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61fc47266a1bf711c2dde07aaedcf305

Headers

File Characteristics

Imports

ws2_32

netapi32

wininet

kernel32

mfc42

msvcrt

advapi32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 48KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 48KB