a689b94ea3c16dedce927aa496b80ea6_JaffaCakes118

General

Target

a689b94ea3c16dedce927aa496b80ea6_JaffaCakes118
Size

18KB
MD5

a689b94ea3c16dedce927aa496b80ea6
SHA1

d892e571ff9beea7de3d1d16c3467e9f7a213f52
SHA256

c51251e4f0434d8982c791ad9b396c641149d2548f37ce9594cf4d14ac6cdb50
SHA512

3b0aebe56fa25df39765cad66e99c6049a6a450641c2e797fa6ad0e0e32e7756d2942c19b03e65ae6ca83b67aa2f7ca189a87c1ff42734e08886680a3040f5cc
SSDEEP

384:rDUXvgzCOLLqsdq6SgQjaPlx/HDwbs5vonbbuSE0Eftr:rDsq33FZlqfuSEPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a689b94ea3c16dedce927aa496b80ea6_JaffaCakes118

Files

a689b94ea3c16dedce927aa496b80ea6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a549e456c92e0158bf73398b4491fda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

GetLogicalDrives
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalMemoryStatus
LoadLibraryA
GetDriveTypeA
LocalFree
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
WideCharToMultiByte
lstrcatA
lstrcmpA
lstrcmpiA
GetDiskFreeSpaceA
lstrcpynA
lstrlenA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
CreateFileA
CopyFileA
CloseHandle
LocalAlloc
lstrcpyA

wsock32

gethostbyname
connect
gethostname
recv
send
socket
closesocket
WSAStartup

advapi32

IsValidSid
GetUserNameA
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountNameA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoTaskMemFree

rasapi32

RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumEntriesA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a549e456c92e0158bf73398b4491fda

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

ole32

rasapi32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 131KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 131KB