af37eba9a2ff0e1a9d473ea7d1c1b03f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af37eba9a2ff0e1a9d473ea7d1c1b03f_JaffaCakes118
Size

46KB
MD5

af37eba9a2ff0e1a9d473ea7d1c1b03f
SHA1

98d1e932952d6818ca21b59209f1141317444e8d
SHA256

63d3eb652c999e3c9c631544c830b66aefdccfd365f65cab1fa3e274175eb035
SHA512

a42765cba4bc7349f7d6e618710ec25eaaf8c8592967155325049600cb150fe39437953b5a092773688261ec73a669ad999e08fe1ed8a784846f8df92b21997e
SSDEEP

768:NbjaaGeYUUCafTExSaW2/ABfjDZ5Jw9AyljampBbgp:haaeuafmNQBnm9Ae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af37eba9a2ff0e1a9d473ea7d1c1b03f_JaffaCakes118

Files

af37eba9a2ff0e1a9d473ea7d1c1b03f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a80a21b363ca1ddc8b1783e3bab919a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromCLSID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoCreateGuid

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lwrite
_lread
_lopen
_lcreat
_lclose
WriteFile
WideCharToMultiByte
UnmapViewOfFile
CloseHandle
Sleep
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleHandleA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileSize
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateFileMappingA
CreateFileA
CopyFileA
lstrlenW

user32

GetMessageA
GetDC
DispatchMessageA
CreateWindowExA
wsprintfA
ReleaseDC
SetWindowLongA
TranslateMessage
SetTimer

oleaut32

SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayUnaccessData
SysAllocString
SysFreeString

advapi32

GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges

shlwapi

StrRChrA
StrCmpNA
StrChrA
StrStrIA

shell32

ShellExecuteA

wsock32

gethostname
connect
closesocket
WSAStartup
socket
send
recv

ws2_32

WSAIoctl

rasapi32

RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasEnumEntriesA

gdi32

GetDeviceCaps

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 23KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a80a21b363ca1ddc8b1783e3bab919a

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

shell32

wsock32

ws2_32

rasapi32

gdi32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 219KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 219KB