f0c86cc35269dcac5b6f730678a080ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0c86cc35269dcac5b6f730678a080ba_JaffaCakes118
Size

140KB
MD5

f0c86cc35269dcac5b6f730678a080ba
SHA1

365ac737b926df12b921aa58513d4af372784382
SHA256

79ae9d3a1e3c27d49be6e3209db311a4c392a07be65bb19fef71094de7f933dd
SHA512

e343165171801d92eebab591e48a0842bc73e79779e4b13cf4595fcdecfdb192027a1352dd47c7a5dda99053e1e637149a15b26da8de4640cfa513a56c6b8d90
SSDEEP

1536:gdODzM/PTPJWvyEie3s8b42GSxSnjYKEMpFo+JaFoOfQmrSMceor7wmxuDt8AAOH:gJTPJWO8Bx2jYKHp5Ja2OQVr7hxDiL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0c86cc35269dcac5b6f730678a080ba_JaffaCakes118

Files

f0c86cc35269dcac5b6f730678a080ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cad906ff41bc5b7c9c06b637ede59d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
WinExec
GetModuleFileNameA
Sleep
DuplicateHandle
GetCurrentProcess
WriteFile
CreateFileA
GetFileAttributesExA
GetVersionExA
GetLastError
GetStartupInfoA
GetModuleHandleA
CloseHandle
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryA
GetProcAddress
SetFileTime

user32

TranslateMessage
RegisterClassExA
CreateWindowExA
GetDesktopWindow
DispatchMessageA
ShowWindow
GetMessageA
DefWindowProcA
PostQuitMessage

advapi32

StartServiceA
LookupAccountNameA
ConvertSidToStringSidA
OpenSCManagerA
CloseServiceHandle
DeleteService
OpenServiceA
CreateServiceA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetUserNameA

msvcrt

__getmainargs
_stricmp
_controlfp
__set_app_type
__p__fmode
rand
_access
sprintf
fclose
fflush
fwrite
fopen
??3@YAXPAX@Z
??2@YAPAXI@Z
strstr
_except_handler3
srand
time
_exit
_XcptFilter
exit
_acmdln
_strlwr
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

shlwapi

SHDeleteKeyA
SHSetValueA
StrStrA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

dbghelp

ImageNtHeader

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cad906ff41bc5b7c9c06b637ede59d6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

version

dbghelp

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 108KB - Virtual size: 105KB

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 108KB - Virtual size: 105KB

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB