Static task
static1
Behavioral task
behavioral1
Sample
2aa01e60d5a92d07f48a2635927a8f2c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2aa01e60d5a92d07f48a2635927a8f2c_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2aa01e60d5a92d07f48a2635927a8f2c_JaffaCakes118
-
Size
23KB
-
MD5
2aa01e60d5a92d07f48a2635927a8f2c
-
SHA1
be1d91c05106b0e03388acc7f78e6989642a97c0
-
SHA256
67c601d83bcc74e98a3dafe6d2969c39fd2f1ce688eccb44a13d1a6a3dc09486
-
SHA512
93f23708f50a174e10f23362cc27b7451583a7873a492f1101e38925eedcdfdf1d6b0f3acc32a8e45a74a3dc6e5a22f8568f11fcde6c36456aca9b8a2440bda6
-
SSDEEP
384:wXqEsQ+yHMuq6p7U1ZGd55GMX/y/KJUsoquYk4cpMMH6t6TqbVOt9yaVWp5+W:+WQ+yHMt6p9JGMX/cUSH6tBb4tkF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
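Checks for a missing Authenticode signature; the PE listed below is not code-signed. Many legitimate binaries are also unsigned, so treat this as a weak indicator and weigh it together with the import table and section flags.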
resource 2aa01e60d5a92d07f48a2635927a8f2c_JaffaCakes118
Files
-
2aa01e60d5a92d07f48a2635927a8f2c_JaffaCakes118.exe windows:4 windows x86 arch:x86
cf7111ed491ae5fcab82d82dd89afa76
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
WaitForSingleObject
ExitProcess
CreateMutexA
CreateFileA
ResumeThread
CopyFileA
GetSystemDirectoryA
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
DeviceIoControl
TerminateProcess
ExitThread
GetTickCount
GetStartupInfoA
GetModuleHandleA
OpenMutexA
ReleaseMutex
CloseHandle
GetTempPathA
WinExec
GetLastError
GetModuleFileNameA
SetFileAttributesA
LoadLibraryA
GetProcAddress
CreateThread
Sleep
lstrlenA
user32
GetDesktopWindow
wsprintfA
advapi32
RegQueryValueExA
CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
shell32
ShellExecuteA
ws2_32
recv
setsockopt
WSAIoctl
__WSAFDIsSet
socket
gethostname
closesocket
select
send
WSAStartup
inet_ntoa
htons
gethostbyname
inet_addr
sendto
WSASocketA
htonl
connect
msvcrt
strcat
rand
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
malloc
realloc
memcpy
strstr
memset
atoi
strcpy
strncpy
strcspn
exit
sprintf
strncmp
strlen
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ