2d9b80b3490fef250cbc10b59d16b15e_JaffaCakes118

General

Target

2d9b80b3490fef250cbc10b59d16b15e_JaffaCakes118
Size

24KB
MD5

2d9b80b3490fef250cbc10b59d16b15e
SHA1

9db94116ba61e4faecb16a24773913d93d8bea24
SHA256

aecc624bf627d15d027ea6e51599260623ab7d63ec4b4a89fcde89e575f2d41b
SHA512

f25640c6f6f7b768beefb643b175ebe1e6133f626643cff3ea899998bc92c7c1af29f5600c11bf31af2abd718c1846441619dbcbcef2313fae97196f7c02af44
SSDEEP

384:o57U6KebI4a0+KN9/5gQilVglX2X9XoXoFGrqGhRmo9f0G:oUgbIZKK9xGh/Z0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d9b80b3490fef250cbc10b59d16b15e_JaffaCakes118

Files

2d9b80b3490fef250cbc10b59d16b15e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68937acd8a1e1a9a7dc2e4c7828b3454

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
DispatchMessageA
SetTimer
MessageBoxA
wsprintfA
CreateWindowExA
SetWindowLongA
GetMessageA

kernel32

DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetDiskFreeSpaceA
GetDriveTypeA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
CreateFileA
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalMemoryStatus
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
CopyFileA
SetFilePointer
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CloseHandle
GetPrivateProfileSectionNamesA
ReadFile

wsock32

gethostname
gethostbyname

advapi32

GetUserNameA
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
IsValidSid
LookupAccountNameA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoTaskMemFree

rasapi32

RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasEnumEntriesA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

68937acd8a1e1a9a7dc2e4c7828b3454

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

ole32

rasapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 137KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 137KB