2262a50679d7e8677406f5651d9c97a0_JaffaCakes118

General

Target

2262a50679d7e8677406f5651d9c97a0_JaffaCakes118
Size

12KB
MD5

2262a50679d7e8677406f5651d9c97a0
SHA1

879cb08c8e9879829c14dcb850ec7437e2aecf8e
SHA256

6cfd1636b808694ef9076591d6c29a9150e1c86f28a2326f69ac8c1ea4770527
SHA512

1c38423c4b4c183980a40c90b1c15da1a4207a939218297ef40cf92b86dbb1b8fcc87b6e5bf56c2162aaa0c6df360e6fb2663fbc193bdfd81023cf54336fc63a
SSDEEP

192:SlD+jGezsnkm8eA0Lu2A2XHtk8561r7iPHRHOvX:St+Y8eA0LxXHt76hAHRH2X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2262a50679d7e8677406f5651d9c97a0_JaffaCakes118

Files

2262a50679d7e8677406f5651d9c97a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e55d7ae074c34471294e02bd998b6c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
CloseHandle
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
TerminateProcess
OpenProcess
GetCurrentProcess
GetVersionExA
GlobalMemoryStatus
GetFileSize
WriteFile
CreateFileA
ReadFile
DeleteFileA
CreateDirectoryA
Sleep
FindNextFileA
GetComputerNameA
GetTempPathA
GetLastError
CreateMutexA
GetLongPathNameA
CreateProcessA
GetStartupInfoA
CreateRemoteThread
GetProcAddress
WriteProcessMemory
VirtualAllocEx
VirtualFreeEx
GetModuleHandleA
WinExec
CopyFileA
GetSystemDirectoryA
GetModuleFileNameA
FindClose
GetDriveTypeA
GetDiskFreeSpaceExA
lstrcmpiA
lstrcmpA
lstrcatA
lstrcpyA
ExitProcess
lstrlenA

user32

wsprintfA

advapi32

GetUserNameA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegOpenKeyExA

shell32

FindExecutableA
ShellExecuteA

msvcrt

strcat
_strcmpi
fopen
fclose
malloc
strncpy
memset
sprintf
strlen
free
realloc
strrchr
atoi

ws2_32

recv
gethostbyname
inet_addr
closesocket
send
connect
htons
socket
WSAStartup
shutdown

urlmon

URLDownloadToFileA

Sections

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e55d7ae074c34471294e02bd998b6c9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

ws2_32

urlmon

Sections

.data Size: 10KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 4B

.data
Size: 10KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 4B