1b3f4d9a55e1a3d596522f8f99cce63a_JaffaCakes118

General

Target

1b3f4d9a55e1a3d596522f8f99cce63a_JaffaCakes118
Size

168KB
MD5

1b3f4d9a55e1a3d596522f8f99cce63a
SHA1

a9fdbde77f7679ae74de87da0c3846886eb29c84
SHA256

e0c9e585229e7148bcf2e07d09040af89b59774a2d514f768a7cdb553746afb8
SHA512

56390342c2d4bd81b606f467f78f35924db69e4128c699fd31ac999c574bb2aa7e3a9f3e07f556177724e1996d500d7629b92e106b2a14f516f8a89658f186c2
SSDEEP

3072:p9bUsA0RxdKpxQVyp+Yl/OleGLWaEKjwRGIVeKKaqi0lvzL7qWDy0viqD9I3eRjj:p9bUH8y80/OwkWaE4wRGIJMRFfecbvie

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b3f4d9a55e1a3d596522f8f99cce63a_JaffaCakes118

Files

1b3f4d9a55e1a3d596522f8f99cce63a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e491c2daef642b67636f7245e9568b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

mpr

WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetSetConnectionW
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetCloseEnum

kernel32

CreateProcessA
LoadLibraryExW
LoadLibraryExA
GetStartupInfoA
VirtualProtectEx
SleepEx
GetStartupInfoA
SleepEx
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
GetStartupInfoA
SleepEx
CreateFileA
TerminateProcess
LoadLibraryExW
WriteProcessMemory
GetSystemTime
CreateFileA
GetStartupInfoA
VirtualProtectEx
LoadLibraryExW
TerminateProcess
Sleep
CreateProcessW
ReleaseMutex
GetStartupInfoA
GetSystemTimeAsFileTime
ReadProcessMemory
LoadLibraryExW
SleepEx
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntW
GetBinaryTypeW
ReadFile
LoadLibraryExW
GetStartupInfoW
CreateProcessW
LoadLibraryA
VirtualProtect
LoadLibraryExA
TerminateProcess
CreateProcessW
SleepEx
VirtualProtect
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
LoadLibraryExW
GetStartupInfoW
LoadLibraryExA
LoadLibraryExW
Sleep
ReleaseMutex
LoadLibraryExA
VirtualProtectEx
WaitForSingleObject
CreateProcessA
ReadProcessMemory
CreateProcessA
SleepEx
CreateProcessA
VirtualProtect
VirtualProtectEx
WaitForSingleObject

Sections

.text
Size: 6KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hUQ
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

HQv
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e491c2daef642b67636f7245e9568b27

Headers

File Characteristics

Imports

mpr

kernel32

Sections

.text Size: 6KB - Virtual size: 1024KB

.data Size: 4KB - Virtual size: 8KB

hUQ Size: 2KB - Virtual size: 4KB

HQv Size: 2KB - Virtual size: 4KB

.rsrc Size: 152KB - Virtual size: 151KB

.text
Size: 6KB - Virtual size: 1024KB

.data
Size: 4KB - Virtual size: 8KB

hUQ
Size: 2KB - Virtual size: 4KB

HQv
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 152KB - Virtual size: 151KB