0413dc24d992f52ef6bd9e2cc7090397_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0413dc24d992f52ef6bd9e2cc7090397_JaffaCakes118
Size

542KB
MD5

0413dc24d992f52ef6bd9e2cc7090397
SHA1

44ac9f5531c6a379069e3c3389d740615a15c1bf
SHA256

6a3c36c7f1c73451ee48270d78b27b7a0acd3df34785b35ed0e897c4ebb86310
SHA512

c9cf79e820bc5ac618386377140817d9cc8ff7aa05eea90d63d483a00560ddba1776eb8ff0a2333fa6b4fa7a11ef814f3bc9af37b15411f4bf43d33731639cc7
SSDEEP

12288:1j2UBM8RjUbgOe5iBk9mjVTCgA80aV/oDIPL75v1lLt8ZDSF:1j2U00d5MnC780aV/oDIj75vfxp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0413dc24d992f52ef6bd9e2cc7090397_JaffaCakes118

Files

0413dc24d992f52ef6bd9e2cc7090397_JaffaCakes118
.exe windows:4 windows x86 arch:x86

391bcbcd453350326b2b6cea6458f4a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance

kernel32

GlobalMemoryStatus
GetDiskFreeSpaceA
GetDriveTypeA
GetFileSize
GetLastError
GetLocalTime
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
lstrlenW
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lwrite
_lread
_lopen
FindClose
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentDirectoryA
_lcreat
_lclose
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GetLocaleInfoA
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetCurrentProcess

user32

ReleaseDC
ExitWindowsEx
wsprintfA
GetDC

oleaut32

SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayUnaccessData
SysAllocString
SysFreeString

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
OpenProcessToken
GetUserNameA

shlwapi

StrRChrA
StrStrIA
StrChrA
StrCmpNA

shell32

ShellExecuteA

wsock32

socket
send
recv
gethostname
closesocket
WSAStartup

ws2_32

WSAIoctl

rasapi32

RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumEntriesA

gdi32

GetDeviceCaps

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 510KB - Virtual size: 694KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

391bcbcd453350326b2b6cea6458f4a6

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

shell32

wsock32

ws2_32

rasapi32

gdi32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 510KB - Virtual size: 694KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 510KB - Virtual size: 694KB

.rsrc
Size: 5KB - Virtual size: 4KB