89290f21e4935e4f81dc2654a358dc5c_JaffaCakes118

General

Target

89290f21e4935e4f81dc2654a358dc5c_JaffaCakes118
Size

56KB
MD5

89290f21e4935e4f81dc2654a358dc5c
SHA1

ca5f9146c0acf9baab7881dfce3eed2423f4099a
SHA256

5c0a35e7ea46d62af5b5164977bb6bfc57713d55af65e26861ae7f1264244c79
SHA512

2059a28e5b8633131a4405f49e425c838d4885af5da9392afed936452c51c8d7656a297f866da23bf1f34501217bfa07ff6e0f8d0fc294e5a5b5d1f11dd9c9f8
SSDEEP

1536:xJcekVSR+8u0q65IWOxnBTZ4E5VHbza2lVoBW:rceiSR+8JjuWOxnBT35V7za2lVoB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89290f21e4935e4f81dc2654a358dc5c_JaffaCakes118

Files

89290f21e4935e4f81dc2654a358dc5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6586010c18a81ce2625b01dd90e6a26a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
SetFileAttributesA
FindFirstFileA
ExitThread
GlobalFree
GlobalAlloc
UnmapViewOfFile
lstrlenA
MapViewOfFile
CreateFileMappingA
SetFilePointer
WriteFile
CloseHandle
GetFileSize
CreateFileA
GetTickCount
Sleep
GetFullPathNameA
SetCurrentDirectoryA
GetDriveTypeA
FindNextFileA
CreateDirectoryA
lstrcatA
GetLogicalDriveStringsA
GetTempPathA
CreateThread
ExitProcess
lstrcmpiA
WaitForSingleObject
GetLocaleInfoA
GetVersionExA
GetWindowsDirectoryA
ReleaseMutex
LoadLibraryA
TerminateThread
GetCurrentProcess
CreateMutexA
GetStartupInfoA
FindClose
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
CreateProcessA
ExpandEnvironmentStringsA
GetLastError
GetFileAttributesA

user32

wsprintfA
CharLowerA

msvcrt

sprintf
??2@YAPAXI@Z
rand
srand
atoi
free
strncpy
strtok
_vsnprintf
strchr
_snprintf
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
strstr
fopen
fprintf
fclose
malloc

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
GetUserNameA

ws2_32

socket
ioctlsocket
connect
closesocket

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6586010c18a81ce2625b01dd90e6a26a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

ws2_32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 283KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 283KB