6a2c8c5c05a0cb16ed55e8800f976fa3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a2c8c5c05a0cb16ed55e8800f976fa3_JaffaCakes118
Size

17KB
MD5

6a2c8c5c05a0cb16ed55e8800f976fa3
SHA1

fe0b5d5a6b6b4ad6b74a9c1096a6613ed0f59afb
SHA256

3dbe7d23cc6be4fbf3d8d830861b483fef081e49a3bd876a8d6fd3e2b0017ba0
SHA512

ba79449d94744cf513d8b0dbe4db079c399773089742911bb03ffc83e5e50e38a7fe64bf755072e8ae64705f97644c72e8cf4544285ee1e6b3bc78a2a052b4fc
SSDEEP

384:oQe/vowy54hDOzfC+V+nIqsbP6Ecc6e0DtrWCl8CbWNRy:+/vowy540m+V+nPEZ6heC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a2c8c5c05a0cb16ed55e8800f976fa3_JaffaCakes118

Files

6a2c8c5c05a0cb16ed55e8800f976fa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6c2e3192b2a3e4c8fd0f5c4b7d11708

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

GetTempPathA
FindClose
FindFirstFileA
CloseHandle
lstrlenW
CopyFileA
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
DeleteFileA
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
FindNextFileA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetFileSize
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
ExitProcess

user32

wsprintfA
GetDC
ReleaseDC

advapi32

RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegEnumValueA
GetUserNameA
RegEnumKeyExA

shlwapi

StrRChrA
StrStrIA
StrChrA
StrCmpNA

shell32

ShellExecuteA

wsock32

socket
send
recv
inet_addr
gethostname
gethostbyname
connect
closesocket
WSAStartup

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasGetEntryDialParamsA

gdi32

GetDeviceCaps

Sections

Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 406B - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c2e3192b2a3e4c8fd0f5c4b7d11708

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

shlwapi

shell32

wsock32

rasapi32

gdi32

Sections

Size: 8KB - Virtual size: 14KB

Size: 2KB - Virtual size: 2KB

Size: 2KB - Virtual size: 171KB

Size: 2KB - Virtual size: 1KB

Size: 512B - Virtual size: 172KB

Size: 406B - Virtual size: 204KB