f192b6d68e323a16e38a8a55c704a4ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f192b6d68e323a16e38a8a55c704a4ef_JaffaCakes118
Size

231KB
MD5

f192b6d68e323a16e38a8a55c704a4ef
SHA1

3955989f6a485a295a3c04239e6c1572ce4d6beb
SHA256

ad714ee4725b8cd943a87758bfc657b380dcb7affee7b13e0a18aaaead4c3722
SHA512

a3988cf9c36056fdd93e88554720c1b0ea27264a71d08ed1e7efb16b17d65ee2daa8fbaf9295c67bfa05237b55a60752026e766c6ade0b6d65ccc01a56bc534b
SSDEEP

6144:jpcu68vW9sNW1vf+ENihLWE4uek5N17OxZAOWEEH29xtTU:tcu4AhS4n9yxZAEB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f192b6d68e323a16e38a8a55c704a4ef_JaffaCakes118

Files

f192b6d68e323a16e38a8a55c704a4ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af77f9143886b4b5a7d8db49f51d837c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strstr
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
time
srand
rand
strncat
strchr
_except_handler3
malloc
realloc
_strnicmp

dbghelp

MakeSureDirectoryPathExists

kernel32

SetProcessWorkingSetSize
GetModuleHandleA
GetStartupInfoA
FreeLibrary
HeapAlloc
GetProcessHeap
CloseHandle
lstrlenA
WriteFile
CreateFileA
Process32Next
ExitProcess
GetCurrentProcess
GlobalFree
GlobalAlloc
SetFileTime
LocalFileTimeToFileTime
lstrcpyA
GetLastError
lstrcatA
Sleep
OpenProcess
GetCurrentProcessId
GetCommandLineA
MoveFileA
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
CopyFileA
DeleteFileA
SetUnhandledExceptionFilter
GetVersionExA

user32

wsprintfA
IsCharAlphaNumericA

advapi32

ControlService
OpenSCManagerA
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid
OpenServiceA
ChangeServiceConfigA
RegCreateKeyA
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

shlwapi

PathFileExistsA
PathRemoveFileSpecA

psapi

GetModuleFileNameExA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af77f9143886b4b5a7d8db49f51d837c

Headers

File Characteristics

Imports

msvcrt

dbghelp

kernel32

user32

advapi32

shell32

shlwapi

psapi

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 50KB

.rsrc Size: 134KB - Virtual size: 134KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 50KB

.rsrc
Size: 134KB - Virtual size: 134KB