add6f8eab7567283f677c9fcf9463060_JaffaCakes118

General

Target

add6f8eab7567283f677c9fcf9463060_JaffaCakes118
Size

10KB
MD5

add6f8eab7567283f677c9fcf9463060
SHA1

e7968e20aa6036a75f4f11bc5f0933d6d6f2adbe
SHA256

524326fd1ac4ea75cea890e79351fff7be0792a3365d3fd918fa24c504523045
SHA512

b4422562cc6d57c41740e618087ef4a2f3ec6d15e919f066b9f49222dd760a92453c6bc8ae800934b8dfedab4b7297fa3413dd00b06c68554d5adbe2601f89ce
SSDEEP

192:AG/X5sSFWZLtRlbDlnMft7S6ZmH0r/nCzU8:AeQZLtRlbRnMftO6ZZCzU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
add6f8eab7567283f677c9fcf9463060_JaffaCakes118

Files

add6f8eab7567283f677c9fcf9463060_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bd888a910c407305f07d068a3a670a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcessHeap
HeapAlloc
HeapFree
CreateProcessA
LocalFree
MultiByteToWideChar
Sleep
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
GetProcAddress
LocalAlloc
LoadLibraryA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegDeleteValueA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

rasapi32

RasDialA
RasEnumConnectionsA
RasEnumDevicesA
RasGetEntryPropertiesA
RasHangUpA
RasSetEntryDialParamsA
RasSetEntryPropertiesA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

user32

DialogBoxParamA
ShowWindow
MessageBoxA
EndDialog
wsprintfA

winmm

timeGetTime

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_r
Size: 108B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2bd888a910c407305f07d068a3a670a3

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

rasapi32

shell32

user32

winmm

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 47KB

.rsrc Size: 1024B - Virtual size: 928B

.rebld_r Size: 108B - Virtual size: 108B

.rebld_i Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 47KB

.rsrc
Size: 1024B - Virtual size: 928B

.rebld_r
Size: 108B - Virtual size: 108B

.rebld_i
Size: 1KB - Virtual size: 1KB