a2dafc79452f7910b6b84704e5f1444c_JaffaCakes118

General

Target

a2dafc79452f7910b6b84704e5f1444c_JaffaCakes118
Size

165KB
MD5

a2dafc79452f7910b6b84704e5f1444c
SHA1

8ce38cf376035659c58366b2f6556230ca09003e
SHA256

78806847071370c51cab7841890214c7ae849e211b66508d753d5de2e84a3a78
SHA512

3df773236225c3fb8df85e1155d2939bfb48dfa4bd73a0c046237e74cf61aa0cf7ad0285cef0b56c80a7cd216ac233f2abef347df94ff0734b96135102ac0872
SSDEEP

3072:w3KeUawzKOVsnSuR651Y76NXWp5dTvJAIp32/tZWmUAPKMurUHkqH2XN3Zj7Z4xW:w3IafSBK4K/pmlZWm9KSHkhXNpjl3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2dafc79452f7910b6b84704e5f1444c_JaffaCakes118

Files

a2dafc79452f7910b6b84704e5f1444c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa3a63ac48bb8006e1ad76b4e9c6183f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

mpr

WNetLogonNotify
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify
WNetCloseEnum
WNetLogonNotify
WNetSetConnectionA
WNetLogonNotify
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetCloseEnum

kernel32

TerminateProcess
WaitForSingleObject
LoadLibraryExW
GetStartupInfoA
GetSystemTime
GetSystemTime
LoadLibraryExA
LoadLibraryExA
CreateProcessA
ReadFile
CreateProcessW
TerminateProcess
WriteProcessMemory
VirtualProtectEx
LoadLibraryExA
LoadLibraryExA
ReleaseMutex
CreateProcessA
GetSystemTime
VirtualProtectEx
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntA
GetBinaryTypeW
Sleep
GetStartupInfoA
VirtualProtectEx
VirtualProtect
CreateProcessA
LoadLibraryExA
GetStartupInfoA
SleepEx
GetSystemTime
CreateProcessW
ReleaseMutex
GetStartupInfoA
CreateFileA
VirtualProtect
CreateProcessW
VirtualProtectEx
GetSystemTime
GetSystemTimeAsFileTime
ReleaseMutex
LoadLibraryA

Sections

.text
Size: 4KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trj
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

431
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa3a63ac48bb8006e1ad76b4e9c6183f

Headers

File Characteristics

Imports

mpr

kernel32

Sections

.text Size: 4KB - Virtual size: 1024KB

.data Size: 4KB - Virtual size: 4KB

trj Size: 2KB - Virtual size: 4KB

431 Size: 2KB - Virtual size: 4KB

.rsrc Size: 152KB - Virtual size: 151KB

.text
Size: 4KB - Virtual size: 1024KB

.data
Size: 4KB - Virtual size: 4KB

trj
Size: 2KB - Virtual size: 4KB

431
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 152KB - Virtual size: 151KB