2a6c6bd2481ef96afbec29d05d62a3d8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a6c6bd2481ef96afbec29d05d62a3d8_JaffaCakes118
Size

255KB
MD5

2a6c6bd2481ef96afbec29d05d62a3d8
SHA1

f16dd35f48208e9db57dc18c2d200b2b1e777287
SHA256

f7bc22b68f58ec8eaa451a9a72ff88279c9c5e64c445a25d0a1f7708665ef5ff
SHA512

a15dc81a1f238955c2180eb42e4d32c3f809e6adde8ad802fb482d78fd752d614a2779bce617fc0a30d4bc5808398b9f06e697742ac7648df5b952ce8cc8ac24
SSDEEP

6144:92C6wWXvGR+kby8dw2bBiV7elkIaWtWMQpeScz5JXPW:IS4vGcaPGOB6EJlfmejz5g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a6c6bd2481ef96afbec29d05d62a3d8_JaffaCakes118

Files

2a6c6bd2481ef96afbec29d05d62a3d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e0afe33c35d20b6ebc4f176795d124a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
CreateMutexA
lstrcmpA
lstrcpyA
lstrlenA
WaitForSingleObject
lstrcatA
FreeLibrary
LoadLibraryA
GetProcAddress

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

dhcpsapi

DhcpAddServer
DhcpDeleteClientInfo
DhcpServerSetDnsRegCredentials
DhcpEnumSubnetClients
DhcpDsCleanup
DhcpGetMCastMibInfo
DhcpRemoveOptionV5

comcat

DllUnregisterServer

Sections

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rKmRWV
Size: 1024B - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 82KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 5KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 136KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yH
Size: 3KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e0afe33c35d20b6ebc4f176795d124a

Headers

File Characteristics

Imports

kernel32

advapi32

dhcpsapi

comcat

Sections

.edata Size: 1KB - Virtual size: 1KB

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 43KB

.rKmRWV Size: 1024B - Virtual size: 111KB

.edata Size: 82KB - Virtual size: 158KB

.d Size: 5KB - Virtual size: 362KB

.data Size: 6KB - Virtual size: 117KB

.edata Size: 136KB - Virtual size: 220KB

.yH Size: 3KB - Virtual size: 458KB

.rsrc Size: 2KB - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 43KB

.rKmRWV
Size: 1024B - Virtual size: 111KB

.edata
Size: 82KB - Virtual size: 158KB

.d
Size: 5KB - Virtual size: 362KB

.data
Size: 6KB - Virtual size: 117KB

.edata
Size: 136KB - Virtual size: 220KB

.yH
Size: 3KB - Virtual size: 458KB

.rsrc
Size: 2KB - Virtual size: 1KB