24435c8d6c2421f185f341b56b22d876_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24435c8d6c2421f185f341b56b22d876_JaffaCakes118
Size

26KB
MD5

24435c8d6c2421f185f341b56b22d876
SHA1

aebeaa02e4d1dff29213eab6e5e79801a8cd2ecc
SHA256

6f2a7a125c3771f18b1ea806eac48762446c0ca0e7f23ff50ff23c277c0a98f2
SHA512

dbbbe806ed25ccc7f5ab72e4e43b32712b1322af2ec31c63a4b0cd618fc37aa6679e36eb18c1e2c9cc4d1ecb64cc1fbcab3cb3c0bf59d7ec56acb70418292a40
SSDEEP

768:IzUs5vFdE/dJ2yQCY8xdlrnprBgcw8591N:Ixyj2ZyFto2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24435c8d6c2421f185f341b56b22d876_JaffaCakes118

Files

24435c8d6c2421f185f341b56b22d876_JaffaCakes118
.exe windows:4 windows x86 arch:x86

957bb3e5a9164b5e1c8d688f46d839bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance

kernel32

GetVolumeInformationA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
CloseHandle
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
lstrlenW
lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
FindClose
FindFirstFileA
lstrcatA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetFileSize
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
FindNextFileA

user32

GetDC
ReleaseDC
wsprintfA

oleaut32

SafeArrayDestroy
SysAllocString
SysFreeString
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData

advapi32

LookupPrivilegeValueA
GetUserNameA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges

shlwapi

StrStrIA

wsock32

send
recv
WSAStartup

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasGetEntryDialParamsA

gdi32

GetDeviceCaps

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

957bb3e5a9164b5e1c8d688f46d839bf

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

wsock32

rasapi32

gdi32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 182KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 182KB

.rsrc
Size: 1KB - Virtual size: 1KB