f33903c2ddfeb3c740471be9fb6f0da5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f33903c2ddfeb3c740471be9fb6f0da5_JaffaCakes118
Size

86KB
MD5

f33903c2ddfeb3c740471be9fb6f0da5
SHA1

41624fa16c8fddd23354402f636a7af12a9646f6
SHA256

5198d116547d1a4c2b95440b48c5bafa00b5e30e5bd7b4d48d12a953eabf2bf0
SHA512

3d41c6bb6bad76e878985ec2649b80600103ed6c022d5039a7120885162b07ebc7e325e6ce07c71af0da4f921d37d73de0b5660a24f2ae2e1d5a1b32f60fb445
SSDEEP

1536:N554hxQLDvm+2oFxp221WEzi3lmJFCTVSJymAFftzHk3MBrIXKLPteKV3yl7WW7m:N554bQvv32oF6UWEzK1VbmAFVzQMBrIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f33903c2ddfeb3c740471be9fb6f0da5_JaffaCakes118

Files

f33903c2ddfeb3c740471be9fb6f0da5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c356a92d054639c4832a2c06dfdff843

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrChrA
StrStrA
StrToIntA

user32

PostThreadMessageA
wsprintfA

advapi32

DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService

ole32

CoCreateGuid

msvcrt

__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_acmdln
exit
_XcptFilter
_exit
__CxxFrameHandler
memcpy
time
srand
rand
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
__getmainargs

kernel32

SetFilePointer
GetModuleFileNameA
DeleteFileA
GetModuleHandleA
GetStartupInfoA
ReadFile
CreateMutexA
GetLastError
GetFileAttributesExA
ReleaseMutex
lstrcpyA
lstrlenA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
WriteFile
GetSystemDirectoryA
lstrcatA
WaitForSingleObject
CloseHandle
GetFileTime
SetFileTime
VirtualProtect

Sections

.text
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�3��
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�]��
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c356a92d054639c4832a2c06dfdff843

Headers

File Characteristics

Imports

shlwapi

user32

advapi32

ole32

msvcrt

kernel32

Sections

.text Size: - Virtual size: 6KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 4KB

�3�� Size: - Virtual size: 8KB

�]�� Size: 17KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 544B

.text
Size: - Virtual size: 6KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 4KB

�3��
Size: - Virtual size: 8KB

�]��
Size: 17KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 544B