f53e27f21ae31b28579732c4636cd64a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f53e27f21ae31b28579732c4636cd64a_JaffaCakes118
Size

166KB
MD5

f53e27f21ae31b28579732c4636cd64a
SHA1

02df3731e6d45ab191160f1b48c4e813615e7fdf
SHA256

22eb8c788ab99149c2a146bb02c9125e851d46050c2b940635317a720a9c2a5a
SHA512

2476d0499d51f68f06ca9bc5d91d95c7cabfe6186014ba70f9eab1264a73a9c9c82c39a04d50d6d12cc1c16693072781a16005d0501e86a201b2458eac85e320
SSDEEP

3072:mtuFljq1lYBCWUfSFE0Rs4hEhGl/fmOWhwBnfnaTKXx49jpEwTUNfM6gD+k/:mMmYB4SFRceVKw5na40tEryB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f53e27f21ae31b28579732c4636cd64a_JaffaCakes118

Files

f53e27f21ae31b28579732c4636cd64a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1902e8056b5edd085cf0ae4a92f6167

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
CloseServiceHandle
EqualSid
GetTokenInformation
GetUserNameA
RegQueryInfoKeyA
RegQueryValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus

kernel32

CloseHandle
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileMappingA
CreateMutexA
CreateThread
CreateToolhelp32Snapshot
DeviceIoControl
ExitProcess
FindNextFileA
FindResourceA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetExitCodeProcess
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStdHandle
GetSystemInfo
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersionExA
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
Module32Next
MoveFileExA
MulDiv
MultiByteToWideChar
OpenEventA
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
ResetEvent
SetErrorMode
SetHandleCount
Sleep
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WriteConsoleA
WriteFile
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CLSIDFromString
CoRevokeClassObject
CoUnmarshalInterface
CreateOleAdviseHolder
StringFromGUID2

user32

CreateWindowExA
DestroyIcon
DestroyMenu
DispatchMessageA
EnableMenuItem
EnableWindow
EndDialog
EnumChildWindows
GetActiveWindow
GetCapture
GetMessageA
GetParent
GetSubMenu
GetWindow
IsWindow
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxA
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCapture
SystemParametersInfoA
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: - Virtual size: 272KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c1902e8056b5edd085cf0ae4a92f6167

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

.text Size: - Virtual size: 272KB

.data Size: 164KB - Virtual size: 168KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 272KB

.data
Size: 164KB - Virtual size: 168KB

.rsrc
Size: 1KB - Virtual size: 1KB