bc5a94241774c1140bd724c3e2aee9a2_JaffaCakes118

General

Target

bc5a94241774c1140bd724c3e2aee9a2_JaffaCakes118
Size

43KB
MD5

bc5a94241774c1140bd724c3e2aee9a2
SHA1

b9107c299dcb73bfb1c58e66bb45807cc941ff0e
SHA256

4479559bbc2b20231567b4467ad55ec85a33609201d10491f9fb1949052a2647
SHA512

1453a7a6715873634f60a0231cbc2fa58ca2feca8798af2bba731b626dbf6d5d36834fa18345dbc20c456bfe4d1f8d8ee5bd8652ec936b809d5bd589eab0a1b6
SSDEEP

768:/R0NDS5dqFquUKgjNQBfAQcAN9DjTLtKfj39ngM4bkdBTogXM/DcA:/c2nLKrYqNBjkfJc2BhXu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc5a94241774c1140bd724c3e2aee9a2_JaffaCakes118

Files

bc5a94241774c1140bd724c3e2aee9a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55c678f79540096b345e95318c1dd1df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError

tapi32

lineGetCallInfoA
lineMakeCallA
lineGetDevConfigA
lineGetAddressCapsA
lineAccept
lineGetCallStatus
lineShutdown
lineClose
lineGetIDA
lineDeallocateCall
lineNegotiateExtVersion
lineGetDevCapsA
lineOpenA
lineAnswer
lineInitializeExA
lineSetStatusMessages
lineNegotiateAPIVersion
lineDrop
lineSetDevConfigA

icaapi

IcaCdWaitForSingleObject
IcaMemoryFree
IcaMemoryAllocate
IcaCdIoControl
IcaCdWaitForMultipleObjects

ntdll

strstr
wcstombs
NtAllocateVirtualMemory
strncpy
NtLoadKey
atol
_stricmp

kernel32

CreateMutexA
CreateEventA
lstrcpynA
GetCommState
WaitForSingleObject
SetCommState
GetLastError
Sleep
CloseHandle
ExitProcess
LoadLibraryA
LocalFree
SetEvent
ResetEvent
Beep
CreateThread
SetupComm
CreateEventW
DeviceIoControl
ReleaseMutex
GetCurrentThreadId

user32

DispatchMessageA
GetMessageA
TranslateMessage
PostThreadMessageA

advapi32

IsValidSecurityDescriptor
RegQueryValueExA
GetSecurityDescriptorControl
GetSecurityDescriptorLength

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55c678f79540096b345e95318c1dd1df

Headers

File Characteristics

Imports

ws2_32

tapi32

icaapi

ntdll

kernel32

user32

advapi32

Sections

.text Size: 20KB - Virtual size: 20KB

.rsrc Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 11KB - Virtual size: 664KB

.text
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 11KB - Virtual size: 664KB