d2a7478f140c945c629b31380225f2d5_JaffaCakes118

General

Target

d2a7478f140c945c629b31380225f2d5_JaffaCakes118
Size

11KB
MD5

d2a7478f140c945c629b31380225f2d5
SHA1

4e3cce78380a810b6b46dad5669200e5a7bb8581
SHA256

c16566f2a8e490a9c2419184724af33c9465a8703dadae4876988772c462d24a
SHA512

79d26a22e3d066f089c8dd5140818c607005dcccd253106d02ff4903ef6481730ff7e4fc6a331f23ea0e0ee111fe5e5839904d0443160061b3a9e17130461405
SSDEEP

96:3H7jZDb7D6RG+mz7CumozUD63HQuGerKMR6awA+V/SL8xSL8xdzBRasjgvytbV3r:3HnKmz3GvgRw/SWSWzsv4cbseQSlM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2a7478f140c945c629b31380225f2d5_JaffaCakes118

Files

d2a7478f140c945c629b31380225f2d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d7f16ee5f278020f351997a7506fc2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

kernel32

lstrlenA
lstrcpyA
lstrcatA
WriteFile
UnmapViewOfFile
Sleep
Process32Next
Process32First
OpenProcess
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetFileSize
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentDirectoryA
GetComputerNameA
ExitProcess
CreateToolhelp32Snapshot
CreateFileMappingA
CreateFileA
CloseHandle

user32

GetDC
ReleaseDC
wsprintfA

oleaut32

SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData

advapi32

RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegCloseKey
GetUserNameA
RegEnumValueA

shlwapi

StrStrIA

shell32

ShellExecuteA

wsock32

gethostname
connect
closesocket
WSAStartup
socket
send
recv

ws2_32

WSAIoctl

gdi32

GetDeviceCaps

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d7f16ee5f278020f351997a7506fc2a

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

shell32

wsock32

ws2_32

gdi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 149KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 149KB

.rsrc
Size: 1KB - Virtual size: 1KB