aef2f1258784a65e7df9240fba30314e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aef2f1258784a65e7df9240fba30314e_JaffaCakes118
Size

25KB
MD5

aef2f1258784a65e7df9240fba30314e
SHA1

a2676e8e1a21cf00bd3ef58c9b5587532e6a7512
SHA256

6cb496db151859f6f6ac2d08e25f41e666cd9c9bfa3a91f6eb86b1cb3bdfc3fe
SHA512

3e49c5c525886b1d3aaad68424d4909a88c6fce30732a8abaae40c194cf260e72d52168de5b5a43c677e9d329e77a25a98f1de9fe4863820e1e280fc9d8b46c0
SSDEEP

768:vXr7whenc4GleBqAbdKPlpB6dz0RUzBa:v77u+IAbdKdpB6V8aa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef2f1258784a65e7df9240fba30314e_JaffaCakes118

Files

aef2f1258784a65e7df9240fba30314e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e347fe26d54fe667e0ae6723f085be9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

msvcrt

_adjust_fdiv
_CIexp
ftell
__dllonexit
fflush
_purecall
fseek
_CxxThrowException
fwrite
_initterm
free
fclose
malloc
_CIpow
_CIsqrt
_onexit
exp
_except_handler3
sprintf
fopen
__CxxFrameHandler

dhcpcsvc

McastApiStartup

ws2_32

WSAGetLastError

kernel32

LocalFree
SetUnhandledExceptionFilter
GetModuleHandleA
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcessId
LocalReAlloc
GetModuleFileNameA
GetSystemInfo
QueryPerformanceCounter
IsBadCodePtr
Sleep
GetProcAddress
FreeLibrary
TerminateProcess
GetVersionExA
LocalAlloc
GetTickCount
VirtualFree
GetCurrentProcess
LoadLibraryA
DisableThreadLibraryCalls
VirtualAlloc
GetSystemTimeAsFileTime
UnhandledExceptionFilter

ntdll

NtCreateKey

ddraw

DDInternalLock
AcquireDDThreadLock
CompleteCreateSysmemSurface
D3DParseUnknownCommand
ReleaseDDThreadLock
DDInternalUnlock

user32

IntersectRect
IsRectEmpty

Sections

.textbss
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e347fe26d54fe667e0ae6723f085be9

Headers

File Characteristics

Imports

advapi32

msvcrt

dhcpcsvc

ws2_32

kernel32

ntdll

ddraw

user32

Sections

.textbss Size: - Virtual size: 96KB

.text Size: 512B - Virtual size: 436B

.idata Size: 22KB - Virtual size: 22KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 512B - Virtual size: 216B

.textbss
Size: - Virtual size: 96KB

.text
Size: 512B - Virtual size: 436B

.idata
Size: 22KB - Virtual size: 22KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 512B - Virtual size: 216B