454f6d93aaedeff7ee7aea2bd6654ec2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

454f6d93aaedeff7ee7aea2bd6654ec2_JaffaCakes118
Size

64KB
MD5

454f6d93aaedeff7ee7aea2bd6654ec2
SHA1

40face4466ee2d39822f840c2b1b8b81f8c05565
SHA256

4e6d487b39b061bd167d08baa52fd76b4ddeb0dc75480ab1bfac7a0543ed9492
SHA512

7e43bcf4a66135f4c73acdbafe79fb892d10cd8095d271b05607e622bd9b03af0f78220f19b430ff83f582f820bd00bb084ca879a1a0c681ac61089c2716757d
SSDEEP

768:eaw8m85LiUyPkGImrtE6R4Ru5uJtlvcLOocUQh0juiH2LC670+p6YOQTqWyohf5D:et8f6E+15paoc7hTiWL17DoYQBoxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
454f6d93aaedeff7ee7aea2bd6654ec2_JaffaCakes118

Files

454f6d93aaedeff7ee7aea2bd6654ec2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5c0a158579274b35d74ba92c254d931

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
Process32Next
Module32Next
Module32First
CloseHandle
Process32First
CreateToolhelp32Snapshot
DeleteFileA
FindClose
FindFirstFileA
Sleep
TerminateProcess
OpenProcess
SetFileTime
GetFileTime
CreateFileA
GetCurrentProcess
CopyFileA
GetModuleFileNameA
GetCurrentProcessId
FindNextFileA
LocalFree
LocalAlloc
GetProcAddress
GetComputerNameA
GetSystemInfo
FreeLibrary
GetWindowsDirectoryA
GetModuleHandleA
GetSystemDirectoryA
GetSystemTimeAsFileTime
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
SetEnvironmentVariableA
lstrcmpA
GetCPInfo
FlushFileBuffers
SetStdHandle
SetHandleCount
ReadFile
WriteFile
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
VirtualAlloc
GetVersion
ExitProcess
HeapFree
GetLastError
HeapAlloc
MultiByteToWideChar
VirtualFree
FreeEnvironmentStringsA
GetStdHandle
GetFileType
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate

advapi32

RegSetValueExA
GetUserNameA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
RegCloseKey

user32

wsprintfA
LoadStringA

wsock32

WSACleanup
htonl
bind
WSAStartup
connect
closesocket
gethostname
gethostbyname
ntohl
recv
send
WSAGetLastError
htons
socket

shell32

ShellExecuteA

rasapi32

RasEnumConnectionsA

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5c0a158579274b35d74ba92c254d931

Headers

File Characteristics

Imports

kernel32

advapi32

user32

wsock32

shell32

rasapi32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 4KB