deac69d9ed687556e5a4436a062cb2f8_JaffaCakes118

General

Target

deac69d9ed687556e5a4436a062cb2f8_JaffaCakes118
Size

52KB
MD5

deac69d9ed687556e5a4436a062cb2f8
SHA1

ea7091bed1d6468ac8b5f34fcef8a8b4c4fb467b
SHA256

d6b82f954b6d9d19bf010aa21b0c90d2a2d4f34e654034094ca0f1cad5035dcb
SHA512

dea38b2323139ad5e5536009e5681f45cd1a3cb70ae4ad82fcf143b8bd4ff3057164cf3464e03f877aabda6af2f9883f2763102b6f0e50a2944fe4255ac6f2e3
SSDEEP

768:qRX/omxRstnWRe+fH+ZKs69VK39jV2UloEZpYQ7kOo9v:4/Le+vYKs6Mz2gogWQVol

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deac69d9ed687556e5a4436a062cb2f8_JaffaCakes118

Files

deac69d9ed687556e5a4436a062cb2f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2770c7b70b752244a7f4d464cc88d0b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetFileSize
ReadFile
SetEnvironmentVariableA
GetCurrentDirectoryA
CompareStringA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
CompareStringW
GetProcAddress
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapAlloc
SetFilePointer
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetLastError
SetEndOfFile

user32

GetAsyncKeyState
GetKeyState
GetKeyboardLayoutNameA
TranslateMessage
DispatchMessageA
GetMessageA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowTextA
GetForegroundWindow

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

ws2_32

WSACleanup
closesocket
send
recv
connect
htons
socket
gethostbyname
gethostname
WSAStartup

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2770c7b70b752244a7f4d464cc88d0b3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 10KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 10KB