779fdf8859c9bad4fa26b8b8643d9338_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

779fdf8859c9bad4fa26b8b8643d9338_JaffaCakes118
Size

47KB
MD5

779fdf8859c9bad4fa26b8b8643d9338
SHA1

88125995bf03290b4bffa3faf893755bccc3f067
SHA256

fa85c5706c2820231fb6673ed0acc08a3f6477efb26d0c82a14d2e6423f40626
SHA512

e3cad49effe7bffea212b6f41cb0426394acc0fb8c8c39270b6a2cf79cdcebe6099a0319eb575c4a401ebf4367929ff760409a926df4854d19578bab9ccb42db
SSDEEP

768:GGl8CQbxryjN0dgdS2GiYNyQs/npNJw9AyljampBbrR:9+CQbROUgof2e9AeBR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
779fdf8859c9bad4fa26b8b8643d9338_JaffaCakes118

Files

779fdf8859c9bad4fa26b8b8643d9338_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a09a3bc63568588f4cf0e9b2572bb910

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromCLSID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoCreateGuid

kernel32

GlobalAlloc
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetFileSize
GetLastError
CloseHandle
CopyFileA
CreateFileA
lstrlenW
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lwrite
_lread
_lopen
_lcreat
_lclose
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
FindClose
FindFirstFileA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GetLocalTime
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
FindNextFileA

user32

GetDC
ReleaseDC
wsprintfA

oleaut32

SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocString
SysFreeString

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
OpenProcessToken
GetUserNameA

shlwapi

StrStrIA
StrRChrA
StrCmpNA
StrChrA

shell32

ShellExecuteA

wsock32

socket
send
recv
inet_addr
gethostname
gethostbyname
connect
closesocket
WSAStartup

ws2_32

WSAIoctl

rasapi32

RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasEnumEntriesA

gdi32

GetDeviceCaps

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a09a3bc63568588f4cf0e9b2572bb910

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

shell32

wsock32

ws2_32

rasapi32

gdi32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 216KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 216KB

.rsrc
Size: 1024B - Virtual size: 1024B