2440092b6002e216f5d24c3cbcfc2b42_JaffaCakes118

General

Target

2440092b6002e216f5d24c3cbcfc2b42_JaffaCakes118
Size

47KB
MD5

2440092b6002e216f5d24c3cbcfc2b42
SHA1

a26ddacc4b4e37b95b8a528f3ddcaa731ab499d4
SHA256

e4d045eb531d04d9630dc6998d1581c64f494337ec397ea2a1fcfb7e2b40db48
SHA512

1851c4e95ebeb49ea972df140dd22bc54c8366ee808c71daaebd527094ea595bd6361522366e4aaad9a386769089c1994a555428b1c935e0cbeba56d10012d3f
SSDEEP

768:Fk/uYacFR4xXiQN2av21E4rvSlbVWMgCQvdaGI6VzCaosl3BfdCVpc:Fk/uYacFR41iOynCVgPWsl3BfdC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2440092b6002e216f5d24c3cbcfc2b42_JaffaCakes118

Files

2440092b6002e216f5d24c3cbcfc2b42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c36d8785036986da16dc7579c420d933

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
GetCommandLineA
ExitProcess
HeapFree
GetProcessHeap
HeapAlloc
GetTickCount
lstrlenA
ExitThread
GetCurrentDirectoryA
TerminateThread
CreateThread
SetEvent
GetWindowsDirectoryA
LocalSize
LocalFree
LocalAlloc
GetModuleFileNameA
CopyFileA
SetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetDiskFreeSpaceExA
GetLogicalDrives
lstrcpyA
GlobalMemoryStatus
GetVersionExA
GetSystemTime
GetComputerNameA
DeleteFileA
CloseHandle
ReadFile
CreateFileA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
FormatMessageA
GetLastError
WriteFile
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
WideCharToMultiByte
lstrcatW
lstrcpyW
MultiByteToWideChar
WaitForMultipleObjects
FlushFileBuffers
SetFilePointer
CreateMutexA
ReleaseMutex
Sleep
GetFileSize
ResetEvent
CreateEventA

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CreateServiceA
LogonUserA
ImpersonateLoggedOnUser
RevertToSelf
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
StartServiceA
DeleteService
QueryServiceConfigA
EnumServicesStatusA

mpr

WNetAddConnection2A
WNetCancelConnection2A

netapi32

NetShareDel
NetShareAdd
NetShareGetInfo
NetUserDel
NetUserAdd
NetUseAdd
NetUserEnum
NetApiBufferFree
NetUseDel

user32

wsprintfA

wsock32

WSAStartup
WSACleanup
inet_addr
gethostname
gethostbyname
inet_ntoa
socket
htonl
htons
connect
closesocket
send
recv

Sections

Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c36d8785036986da16dc7579c420d933

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

mpr

netapi32

user32

wsock32

Sections

 Size: 44KB - Virtual size: 44KB

.avp Size: 2KB - Virtual size: 4KB

Size: 44KB - Virtual size: 44KB

.avp
Size: 2KB - Virtual size: 4KB