722d31c650f2173598a5b603432bee52_JaffaCakes118

General

Target

722d31c650f2173598a5b603432bee52_JaffaCakes118
Size

18KB
MD5

722d31c650f2173598a5b603432bee52
SHA1

3243e6e41fbca45fcf1840ede01f2ab57d034b2b
SHA256

9e0918059f745b11dafe6a793bf5831aa837317033dac2bb0cdb09259b9cd685
SHA512

bccdc5ec1e038a1e60597544365f7d1fece114ce1a186ccee0939de0d273c562762470573113aa7ac88cc58abc04c39e46938663cdd1758d88cbf1ed690758b2
SSDEEP

384:RKvLN2UCkLzdo7hMg61pkTOqUBIzcbBiaE+EOft:RKzNnXmcNYckaE+xt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
722d31c650f2173598a5b603432bee52_JaffaCakes118

Files

722d31c650f2173598a5b603432bee52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6d0d3a8e802444d18fbd136f5e82d0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalMemoryStatus
LoadLibraryA
LocalAlloc
GetLogicalDrives
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
GetDriveTypeA
lstrcpynA
lstrlenA
GetDiskFreeSpaceA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
CreateFileA
CloseHandle
LocalFree
lstrcpyA

wsock32

gethostbyname
connect
gethostname
recv
send
socket
closesocket
WSAStartup

advapi32

IsValidSid
GetUserNameA
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountNameA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoTaskMemFree

rasapi32

RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumEntriesA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6d0d3a8e802444d18fbd136f5e82d0f

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

ole32

rasapi32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 131KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 131KB