11acb28cccee710bb7bf8c74fbe00e54_JaffaCakes118

General

Target

11acb28cccee710bb7bf8c74fbe00e54_JaffaCakes118
Size

58KB
MD5

11acb28cccee710bb7bf8c74fbe00e54
SHA1

72dbc5d1e3a22754ea26c19ea411f4f856130c15
SHA256

34f7065f95e343faa374b02bcdb01024f6e0181f79d64ca85d163fafa5df7c63
SHA512

48978e2b74c99d70e8c073a891a7b70b19e54d3043b79a8e3c69ddb7f7e8d9cc202a74caa8c028710d67812643b49a83b0807d146119e3b9a5f8f38d709b37b3
SSDEEP

1536:R9M8pxVgKb2nsAX1MXWLb+QlzCicqwyyu:XZ2sAFMXC3zrcqVy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11acb28cccee710bb7bf8c74fbe00e54_JaffaCakes118

Files

11acb28cccee710bb7bf8c74fbe00e54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d584184bbace45ff82676c0500aa04c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

traffic

TcSetFlowA
TcAddFilter
TcAddFlow
TcCloseInterface
TcDeleteFilter
TcSetFlowA
TcAddFilter
TcAddFlow
TcCloseInterface
TcDeleteFilter
TcSetFlowA
TcSetFlowA
TcSetFlowA

kernel32

VirtualAllocEx
GetSystemDirectoryA
TlsFree
GetDiskFreeSpaceW
CreateFileA
GetThreadTimes
ReadFile
GetACP
TlsFree
TlsFree
ReplaceFileA
IsProcessInJob
GlobalFree
GetComputerNameA
CreatePipe
DuplicateHandle
GetConsoleAliasA
GlobalFree
IsValidCodePage
EnterCriticalSection
FreeLibrary
GetThreadLocale
FindNextFileA
GetModuleHandleW
GetFileTime
SetComputerNameW
LockFileEx
ExitProcess
AllocConsole
GetThreadTimes
ReleaseMutex
HeapWalk
LCMapStringW
IsValidLocale

srclient

EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR

Sections

.text
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d584184bbace45ff82676c0500aa04c

Headers

File Characteristics

Imports

traffic

kernel32

srclient

Sections

.text Size: 1024B - Virtual size: 968B

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 48KB - Virtual size: 56KB

.DATA Size: 512B - Virtual size: 16KB

.text
Size: 1024B - Virtual size: 968B

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 48KB - Virtual size: 56KB

.DATA
Size: 512B - Virtual size: 16KB