bd3e73c7e8ee5580688354df9ab74067_JaffaCakes118

General

Target

bd3e73c7e8ee5580688354df9ab74067_JaffaCakes118
Size

26KB
MD5

bd3e73c7e8ee5580688354df9ab74067
SHA1

f0654d996f851c803fcd075b6ee728b99828cfd3
SHA256

24a9ae0ca36cfa78ac10a9378806d49d1855b49958a878c2e6fc486add8e250e
SHA512

95766848be8c3c0df3b4497e4bf55582e2f47050a4f9ab7bdb84fbe6913162c03b500ee30f676199d87e35638756ebaf3fc912706f6aadf4d897d87f0fdfdb0e
SSDEEP

384:/mu1maf5O2Re/qZvxk4H6BvFSlezG6UYgYfnYMBKqDMLVWQ1ol:J3f5OViZpk4mNS2GQYNy81ol

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd3e73c7e8ee5580688354df9ab74067_JaffaCakes118

Files

bd3e73c7e8ee5580688354df9ab74067_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26823e1e470ebd6ebee77a86a56ddbfe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

GlobalFree
GetDriveTypeA
GetFileSize
CloseHandle
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentDirectoryA
lstrlenW
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GetLocalTime
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetDiskFreeSpaceA

user32

GetDC
wsprintfA
ReleaseDC

oleaut32

SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
GetUserNameA

shlwapi

StrCmpNA
StrRChrA
StrStrIA
StrChrA

wsock32

WSAStartup

rasapi32

RasGetEntryPropertiesA
RasEnumEntriesA
RasGetEntryDialParamsA

gdi32

GetDeviceCaps

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26823e1e470ebd6ebee77a86a56ddbfe

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

wsock32

rasapi32

gdi32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 185KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 185KB