55a0f16c3f710bd26672f0eb3450f7e3_JaffaCakes118

General

Target

55a0f16c3f710bd26672f0eb3450f7e3_JaffaCakes118
Size

68KB
MD5

55a0f16c3f710bd26672f0eb3450f7e3
SHA1

51e9b144c022068c8ae07d14d1298313c110fb2d
SHA256

dbae1f0df6a763bb9907aacb1a923da607c2f806200a310773a5d5f500683bd4
SHA512

0ea27a438788016ee02b289c14dc90b53ed55203600067137d17a62041068e0678cbe6d2732e354309f17e4fa57bc48251adac63448a04fb1e2afddaedfb85bd
SSDEEP

1536:Z+M+4u4s7ACH+S3gw17uKo9RsZGRSN/8ZEP5YK:Iqs7d+uCKEs0RSN8w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55a0f16c3f710bd26672f0eb3450f7e3_JaffaCakes118

Files

55a0f16c3f710bd26672f0eb3450f7e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6cf1a78e69be958a8d9c1027c167241

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetFileEnum
NetFileGetInfo
NetFileClose

mpr

WNetCancelConnection2W
WNetAddConnection2W

kernel32

FormatMessageW
LocalFree
GetLastError
CloseHandle
GetCurrentProcess
GetComputerNameW
GetVersion
WriteFile
GetEnvironmentStrings
GetCommandLineW
GetEnvironmentStringsW
CreateFileA
ExitProcess
TerminateProcess
HeapFree
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetConsoleMode
HeapReAlloc
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
GetModuleFileNameA
SetFilePointer
VirtualAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
LCMapStringA
LCMapStringW
ReadConsoleInputA
ReadFile
SetConsoleMode

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6cf1a78e69be958a8d9c1027c167241

Headers

File Characteristics

Imports

netapi32

mpr

kernel32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 24KB