8757b3275163ec6a1d00630d7c12e358_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8757b3275163ec6a1d00630d7c12e358_JaffaCakes118
Size

50KB
MD5

8757b3275163ec6a1d00630d7c12e358
SHA1

8e190f51cdd40d9c10286233b74e81d2096140cd
SHA256

7587fde37e1ee9578ebaf8ff47c9c356550ba102ac6f1ab2634c29059a767c8b
SHA512

5194517e10c0a5758d2567368fd95b8585191145bc7345ab81e1fdc7d3fed4d550b0efe4d5d97dbdbb0fe0fe827ecf13471dc324b611f19d8ec5a3011d093a04
SSDEEP

768:K/SrL2hDoGS2GcYNyWh4SuoMzLMsSdUZZZZZZZZZZZZZZZZQrRR9L:L2hDo5dZJuoMnMsSV7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8757b3275163ec6a1d00630d7c12e358_JaffaCakes118

Files

8757b3275163ec6a1d00630d7c12e358_JaffaCakes118
.exe windows:4 windows x86 arch:x86

866e5e27f9dc8a281e3b96d924afef95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

kernel32

GetWindowsDirectoryA
GetDiskFreeSpaceA
CloseHandle
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentDirectoryA
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
UnmapViewOfFile
Sleep
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetDriveTypeA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileSize
GetCurrentProcess

user32

ReleaseDC
MessageBoxA
GetDC
wsprintfA

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreateVector

advapi32

OpenProcessToken
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
LookupPrivilegeValueA
RegCreateKeyA
AdjustTokenPrivileges
GetUserNameA
RegCloseKey

shlwapi

StrRChrA
StrStrIA

wsock32

socket
send
recv
gethostname
connect
closesocket
WSAStartup

rasapi32

RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumEntriesA

gdi32

GetDeviceCaps

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

866e5e27f9dc8a281e3b96d924afef95

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

wsock32

rasapi32

gdi32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 152KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 152KB

.rsrc
Size: 29KB - Virtual size: 29KB