ae0a4771aba9c26573a0f65ca96ef0ed_JaffaCakes118

General

Target

ae0a4771aba9c26573a0f65ca96ef0ed_JaffaCakes118
Size

19KB
MD5

ae0a4771aba9c26573a0f65ca96ef0ed
SHA1

ade0fbf2fdc51894f8dcfae382cf0ebdfb6f841c
SHA256

589dbb74cb956b6cbfb47db75e43cd09da7bf112ea76fcb62c128e2ef4caf4d5
SHA512

778a0cc3aa8a518e3056a4add59e01cdebef7a0c627273b424f893b01906af29a3b33f0abedf8d45c1f30678d4f9c1901cb84795621839861329f8fd1d6970f5
SSDEEP

384:l8T5pcEs2jPLGfu5FDMzNQNmggY5/tK9T0rcspJKhRwSMQ3hzYvkbK:lQG2bLGfQDUQQ0/jjHKHK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae0a4771aba9c26573a0f65ca96ef0ed_JaffaCakes118

Files

ae0a4771aba9c26573a0f65ca96ef0ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d19ef91cba84c1135473744da75fbec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeResource
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatusEx
HeapAlloc
HeapFree
LoadLibraryA
LoadResource
CreateThread
OpenProcess
ReadFile
ReadProcessMemory
RtlMoveMemory
RtlZeroMemory
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SizeofResource
Sleep
VirtualAlloc
VirtualFree
VirtualQueryEx
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateProcessA
CreateMutexA
CreateFileA
CreateDirectoryA
CopyFileA
LockResource
CloseHandle

user32

wsprintfA
MessageBoxA
GetSystemMetrics
GetAsyncKeyState

shlwapi

PathFindFileNameA
PathMatchSpecA

advapi32

GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

netapi32

NetApiBufferFree
NetUserEnum

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d19ef91cba84c1135473744da75fbec

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

netapi32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 165KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 165KB

.rsrc
Size: 3KB - Virtual size: 3KB