628dbb8a82b5c82239a3a2e9030f96bd_JaffaCakes118

General

Target

628dbb8a82b5c82239a3a2e9030f96bd_JaffaCakes118
Size

25KB
MD5

628dbb8a82b5c82239a3a2e9030f96bd
SHA1

37fb8cac80ca8e1bd5eef398768869354c18d8fb
SHA256

1d1aca3be309f8b6f1778919ec1a36d7afda7b9cb7f7873e3ccf394038d759af
SHA512

cea086e60a8dbb1efcf6d0831a895ec9a5b098a0100702984ebfae23f3fbda7bc8897abb3d6c347967aa371fea220ef41d8b1459543a18aceac10062c31bf020
SSDEEP

384:Y/ydV7uoOOuK+5VdC33UbUd06RvIgS+MXAvvFn6sr/bsirhNhQ4rM/RmHYJLDCR8:iydV7SCkvqMw1vbvhfr6RmmLQbCgF0P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
628dbb8a82b5c82239a3a2e9030f96bd_JaffaCakes118

Files

628dbb8a82b5c82239a3a2e9030f96bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3db6de1f5f953c45328e1c2e035beab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
CreateThread
CloseHandle
GetLastError
SetProcessWorkingSetSize
WinExec
GetProcAddress
SetThreadPriority
GetTempPathA
ReleaseMutex
OpenMutexA
WaitForSingleObject
ExitProcess
CreateMutexA
MoveFileExA
CopyFileA
GlobalMemoryStatusEx
GetLocaleInfoW
GetModuleHandleA
GetStartupInfoA
ResumeThread
CreateProcessA
TerminateProcess
Sleep
ExitThread
GetSystemDirectoryA
lstrcatA
lstrcpyA
LoadLibraryA
GetTickCount

user32

GetDesktopWindow
ExitWindowsEx
wsprintfA

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ws2_32

htonl
recv
WSASocketA
WSAStartup
send
setsockopt
WSAIoctl
inet_addr
gethostbyname
socket
htons
connect
closesocket
__WSAFDIsSet
select
sendto

msvcrt

__CxxFrameHandler
strncpy
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
exit
strstr
rand
sprintf
malloc
realloc
atoi
_CxxThrowException
strcspn

Sections

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3db6de1f5f953c45328e1c2e035beab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

msvcrt

Sections

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 4KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 4KB