107ce1e7a8c89bc3a2d071d1dcc2506f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

107ce1e7a8c89bc3a2d071d1dcc2506f_JaffaCakes118
Size

40KB
MD5

107ce1e7a8c89bc3a2d071d1dcc2506f
SHA1

6bcabee959fc977fc1cfd28b7918e9d1b2d29cf9
SHA256

1aba39199e6fc6b26c957abdf9a7713b253fd2c826a891855f5518d5879f25be
SHA512

b51c3d9a92754c47085f46eb61d7ec984b161669258ad4857885b31e234181bff4b0ae3cfc6ec66299f245fd2d8ef3ca32bfcb0da5367ada2381ccae84aa54a4
SSDEEP

384:JHyqiUZahhNRhogr+LO0qfVVyNS0bNC+a2Mqo2kigO84nYmURX5z1PRLNHpjlV8c:Jr94hbk3NCH5y2RPgff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
107ce1e7a8c89bc3a2d071d1dcc2506f_JaffaCakes118

Files

107ce1e7a8c89bc3a2d071d1dcc2506f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7b63a34875be0b085eb252c60c5e52d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
SetWindowLongA
TranslateMessage
GetMessageA
DispatchMessageA
CreateWindowExA
SetTimer

kernel32

GetVolumeInformationA
lstrcmpA
lstrcatA
_lwrite
lstrlenA
lstrcpynA
lstrcpyA
CloseHandle
CopyFileA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoA
GetVersionExA
_lcreat
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalMemoryStatus
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
WideCharToMultiByte
WinExec
WriteFile
_lclose
lstrcmpiA

wsock32

WSAStartup
accept
bind
closesocket
connect
gethostbyname
gethostname
listen
recv
send
shutdown
socket

advapi32

RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
IsValidSid
GetUserNameA
LookupAccountNameA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoTaskMemFree

rasapi32

RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasEnumEntriesA

ws2_32

WSASocketA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7b63a34875be0b085eb252c60c5e52d

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

ole32

rasapi32

ws2_32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 152KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 152KB

.rsrc
Size: 4KB - Virtual size: 2KB