2e1ababb7f3afe47b26a970d9e9449b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e1ababb7f3afe47b26a970d9e9449b0_JaffaCakes118
Size

48KB
MD5

2e1ababb7f3afe47b26a970d9e9449b0
SHA1

a7b1780d4024cb763b33d9354c428d3709117aba
SHA256

da6b4c0f48c20040300f06f22a0915f86fe96c981e1ff6c82e5ae12ca0f0d636
SHA512

8871c97c955a7d41ccfb85c3826ebea786df03df0c91b48e56f3d1f5c414d67d84a7a442a7ad0d7b9ddbd6755137580787d9069b1a723e883905a573fad31c13
SSDEEP

768:vsM2QfxI9n7wnYgkEBRNdAT+9rloQw/SCrj7Ybp47QepK0IUUiM95Zdz:n292HH7DFl9mEWprIVJ9xz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e1ababb7f3afe47b26a970d9e9449b0_JaffaCakes118

Files

2e1ababb7f3afe47b26a970d9e9449b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ec1c246d33814d88e9b7120b2d9d15a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
SetSecurityInfo
SetEntriesInAclA
AdjustTokenPrivileges
LookupPrivilegeValueA
GetTokenInformation
OpenProcessToken
GetUserNameA
LookupAccountSidA
RegEnumKeyExA
RegEnumValueA

wsock32

gethostbyname
gethostname
inet_addr
ioctlsocket
socket
inet_ntoa
htons
select
closesocket
recv
WSAStartup
WSACleanup
WSAGetLastError

mpr

WNetCloseEnum

shlwapi

SHSetValueA
SHDeleteKeyA

netapi32

NetGetDCName
NetApiBufferFree

shell32

SHGetSpecialFolderPathA

msvcrt

__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
swprintf
fwrite
__p__commode
fseek
fread
fclose
_strnicmp
free
strstr
strchr
atoi
exit
rename
strrchr
time
srand
rand
malloc
__CxxFrameHandler
fopen
_adjust_fdiv
sprintf
_itoa

kernel32

GetStartupInfoA
GetModuleHandleA
PeekNamedPipe
ReadFile
CreateProcessA
MultiByteToWideChar
GlobalAlloc
GlobalFree
GetFileTime
GetCurrentProcess
DuplicateHandle
SetFileTime
GetSystemTime
SystemTimeToFileTime
CompareFileTime
GetFileSize
GetLocalTime
RemoveDirectoryA
FindClose
GetLastError
LocalFree
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GetComputerNameA
WriteFile
GetPriorityClass
GetSystemDefaultLangID
OpenMutexA
lstrcmpiA
CloseHandle
SetEvent
WaitForSingleObject
Sleep
CreateMutexA
GetModuleFileNameA
DeleteFileA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ec1c246d33814d88e9b7120b2d9d15a

Headers

File Characteristics

Imports

advapi32

wsock32

mpr

shlwapi

netapi32

shell32

msvcrt

kernel32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 5KB