55d0aa106928ce8fba407e31b0b08cf4_JaffaCakes118

General

Target

55d0aa106928ce8fba407e31b0b08cf4_JaffaCakes118
Size

49KB
MD5

55d0aa106928ce8fba407e31b0b08cf4
SHA1

621ec03ef0897997b12cc276ef11308152c88f70
SHA256

1973559981a6d1a98e6c655fb3b866c622ddccf21c2dfbba1982f29c3cb62aa9
SHA512

d72b655163fd15019ff5355fdd41d0b7bf50a1537577133b1487fa4fc5fcf0140e16e0814a39f15e171eba53028bd0c00f71343cd6467b1e890b272e773a99d6
SSDEEP

384:GS9taLRHDxmCEpjoqoaE8zBgmUS36Gb2Q10RvEAlCEYYOo2kQuQO13AzIq7UNUgi:1+wlpgekg1SFQhkQuYM3zbFyT9Sx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55d0aa106928ce8fba407e31b0b08cf4_JaffaCakes118

Files

55d0aa106928ce8fba407e31b0b08cf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb0b6ce4c2e4de6ecc6fd488910d958a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileW
lstrcatW
CreateDirectoryW
MultiByteToWideChar
lstrlenA
lstrcmpiA
lstrcmpiW
lstrcpyW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVersionExW
GlobalFree
GetModuleFileNameW
CreateFileW
LockResource
GlobalAlloc
LoadResource
SizeofResource
FindResourceW
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableW
GetShortPathNameW
GetModuleHandleW
CopyFileW
Sleep
GetStartupInfoW
LoadLibraryW
GetProcAddress
CreateEventW
WaitForSingleObject
WriteFile
CloseHandle

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
swprintf
_exit
_XcptFilter
exit
_wcmdln
_initterm
__wgetmainargs

user32

GetWindowThreadProcessId
EndDialog
EnumWindows
PostMessageW

iphlpapi

GetNetworkParams

advapi32

GetUserNameW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
SHChangeNotify

netapi32

NetUserGetInfo
NetApiBufferFree

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb0b6ce4c2e4de6ecc6fd488910d958a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

iphlpapi

advapi32

shell32

netapi32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 628B

.rsrc Size: 42KB - Virtual size: 41KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 628B

.rsrc
Size: 42KB - Virtual size: 41KB