2a815c927a6ffd93964e22a9d9be3a0d_JaffaCakes118

General

Target

2a815c927a6ffd93964e22a9d9be3a0d_JaffaCakes118
Size

58KB
MD5

2a815c927a6ffd93964e22a9d9be3a0d
SHA1

8610955c3dbe52227d544e4fe2e23571f0673248
SHA256

69c332190b00925e4747c1d0f16a3f7ec0045094416bc776586bcd3dfdb95595
SHA512

7a7aa8daff034d0456d13ddb2661d8e437ce61fe93de49d2eb1cf8d732a17738f2306fb34fc6d122ce173e6b12f9ad6aca6201c00c15e57c32bbf0c94a8af15a
SSDEEP

1536:RwOIT8ixVgKb2nsAX1MXWLb+QlzCicqwyyu:i5Z2sAFMXC3zrcqVy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a815c927a6ffd93964e22a9d9be3a0d_JaffaCakes118

Files

2a815c927a6ffd93964e22a9d9be3a0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9f6304b1861834f627ad2aba2a9a8e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

traffic

TcSetFlowA
TcAddFilter
TcAddFlow
TcCloseInterface
TcDeleteFilter
TcSetFlowA
TcAddFilter
TcAddFlow
TcCloseInterface
TcDeleteFilter
TcSetFlowA
TcSetFlowA
TcSetFlowA

kernel32

VirtualAllocEx
GetSystemDirectoryA
TlsFree
GetDiskFreeSpaceW
CreateFileA
GetThreadTimes
ReadFile
GetACP
TlsFree
TlsFree
ReplaceFileA
IsProcessInJob
GlobalFree
DeleteAtom
CreatePipe
DuplicateHandle
EncodePointer
GlobalFree
DeleteAtom
EnterCriticalSection
FreeLibrary
GetThreadLocale
FindNextFileA
GetModuleHandleW
GetFileTime
SetComputerNameW
LockFileEx
ExitProcess
AllocConsole
GetThreadTimes
ReleaseMutex
HeapWalk
LCMapStringW
IsValidLocale

srclient

EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR

Sections

.text
Size: 512B - Virtual size: 430B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9f6304b1861834f627ad2aba2a9a8e0

Headers

File Characteristics

Imports

traffic

kernel32

srclient

Sections

.text Size: 512B - Virtual size: 430B

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 48KB - Virtual size: 52KB

.DATA Size: 512B - Virtual size: 16KB

.text
Size: 512B - Virtual size: 430B

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 48KB - Virtual size: 52KB

.DATA
Size: 512B - Virtual size: 16KB